Express + nodecoffee write passport login verification instance (2)

Ii. logon authentication

Passport official documentation: http://passportjs.org/guide/

Passport authentication uses a method called "policy" to authenticate requests. The policy supports three types of authentication: user name and password authentication, oauth delegation authentication, openid, and other joint authentication (Facebook, twitter, etc ).

For more information about identity Federation, see here.

Localstrategy is commonly used to verify the user name and password. It is called through the use () function.

Procedure:

1: Installation module, passport and passport-Local

2: Add reference

Passport = require 'passport'
Localstrategy = require ('passport-local'). Strategy

Reference middleware app. Use:

Passport. initialize () middleware is required to initialize passport.

Passport. Session () if the application uses a permanent login session, this middleware must also be used.

Note: The reference of this middleware must be written before app. router. The cause is described in the previous section.

3: Configure local-strategy and local policies

Passport. use (New localstrategy (username, password, done)-> User. find {Username: username, password: Password}, (ERR, Docs)-> return done err if err? Return done null, false, {message: "incorrect user name or password"} If docs. length is 0 done null, Docs [0])

After a user authentication request is sent, the user resolves the request parameter username, password (default parameter), or user-defined name. After verification, the user starts the done function. Done (ERR): The err parameter indicates an exception occurred during verification, such as a database connection problem. Done (null, false): If the credential is invalid (for example, if the password is incorrect), the second parameter of done returns false, indicating that the authentication fails. Done (null, false, {MSG: 'err info'}) Failure Information after authentication failure. You can use req. flash access to done (null, user) authentication is successful and return the user object custom authentication field, using usernamefield, passwordfield, corresponding to the input, name attribute on the page is email, passwd

new LocalStrategy({ usernameField: ‘email‘, passwordField: ‘passwd‘ },(username,password,done) -> ...)

4: when the verification succeeds, the session is established and maintained through cookies. Passport requires serialized and deserialized user instances to support sessions. Therefore, callback between serializeuser and deserializeuser is also required.

passport.serializeUser (user, done) ->  done null, userpassport.deserializeUser (user, done) ->  done null, user

5. Call

Verification triggered when a user sends a login request

App. Post ('/login ',Passport. Authenticate ('Local', {failureredirect: '/login', failureflash: True}),(Req, Res)-> If req. user. role is 'normal' # role 1 res. redirect '/MB/Index' else if req. user. role is 'audioitor '# role 2 Res. redirect '/audit' else if req. user. role is 'admin' # administrator res. redirect '/BM/Index ')

You can directly

app.post(‘/login‘,  passport.authenticate(‘local‘, { successRedirect: ‘/‘,                                    failureRedirect: ‘/login‘ }));

6. Page error message Parameters

app.get ‘/login‘,(req, res) ->  res.render ‘login‘, layout:false, error:req.flash(‘error‘)

7: Logout

app.get(‘/logout‘, function(req, res){  req.logout();  res.redirect(‘/‘);});

 

Express + nodecoffee write passport login verification instance (2)