Express + nodecoffee write passport login verification instance (2)

Source: Internet
Author: User

Ii. logon authentication

Passport official documentation: http://passportjs.org/guide/

Passport authentication uses a method called "policy" to authenticate requests. The policy supports three types of authentication: user name and password authentication, oauth delegation authentication, openid, and other joint authentication (Facebook, twitter, etc ).

For more information about identity Federation, see here.

Localstrategy is commonly used to verify the user name and password. It is called through the use () function.

Procedure:

1: Installation module, passport and passport-Local

2: Add reference

Passport = require 'passport'
Localstrategy = require ('passport-local'). Strategy

Reference middleware app. Use:

Passport. initialize () middleware is required to initialize passport.

Passport. Session () if the application uses a permanent login session, this middleware must also be used.

Note: The reference of this middleware must be written before app. router. The cause is described in the previous section.

3: Configure local-strategy and local policies

Passport. use (New localstrategy (username, password, done)-> User. find {Username: username, password: Password}, (ERR, Docs)-> return done err if err? Return done null, false, {message: "incorrect user name or password"} If docs. length is 0 done null, Docs [0])
After a user authentication request is sent, the user resolves the request parameter username, password (default parameter), or user-defined name. After verification, the user starts the done function. Done (ERR): The err parameter indicates an exception occurred during verification, such as a database connection problem. Done (null, false): If the credential is invalid (for example, if the password is incorrect), the second parameter of done returns false, indicating that the authentication fails. Done (null, false, {MSG: 'err info'}) Failure Information after authentication failure. You can use req. flash access to done (null, user) authentication is successful and return the user object custom authentication field, using usernamefield, passwordfield, corresponding to the input, name attribute on the page is email, passwd
new LocalStrategy({ usernameField: ‘email‘, passwordField: ‘passwd‘ },(username,password,done) -> ...)
4: when the verification succeeds, the session is established and maintained through cookies. Passport requires serialized and deserialized user instances to support sessions. Therefore, callback between serializeuser and deserializeuser is also required.
passport.serializeUser (user, done) ->  done null, userpassport.deserializeUser (user, done) ->  done null, user

5. Call

Verification triggered when a user sends a login request

App. Post ('/login ',Passport. Authenticate ('Local', {failureredirect: '/login', failureflash: True}),(Req, Res)-> If req. user. role is 'normal' # role 1 res. redirect '/MB/Index' else if req. user. role is 'audioitor '# role 2 Res. redirect '/audit' else if req. user. role is 'admin' # administrator res. redirect '/BM/Index ')

You can directly

app.post(‘/login‘,  passport.authenticate(‘local‘, { successRedirect: ‘/‘,                                    failureRedirect: ‘/login‘ }));

6. Page error message Parameters

app.get ‘/login‘,(req, res) ->  res.render ‘login‘, layout:false, error:req.flash(‘error‘)

7: Logout

app.get(‘/logout‘, function(req, res){  req.logout();  res.redirect(‘/‘);});

 

Express + nodecoffee write passport login verification instance (2)

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.