即使login后，NodeJs Passport isAuthenticated（）也会返回false

我是新来的angularJs，并尝试build立一个网站的本地身份validation。 我已经通过各种来源，这个https://vickev.com/#!/article/authentication-in-single-page-applications-node-js-passportjs-angularjs是非常有帮助的。 当我尝试在我的本地主机build立相同的代码进入一个循环。

app.post（'/ login'，…..）正在返回用户的响应，但在此之后加载pipe理页面，它正在检查用户是否通过调用app.get（'/ loggedin',. ..）和req.isAuthenticated（）即使在login后也返回false，并进入循环。 我不明白为什么这是发生plz帮助我。

服务器端代码

var express = require('express'); var http = require('http'); var path = require('path'); var passport = require('passport'); var LocalStrategy = require('passport-local').Strategy; //================================================================== // Define the strategy to be used by PassportJS passport.use(new LocalStrategy( function(username, password, done) { if (username === "admin" && password === "admin") // stupid example return done(null, {name: "admin"}); return done(null, false, { message: 'Incorrect username.' }); } )); // Serialized and deserialized methods when got from session passport.serializeUser(function(user, done) { done(null, user); }); passport.deserializeUser(function(user, done) { done(null, user); }); // Define a middleware function to be used for every secured routes var auth = function(req, res, next){ if (!req.isAuthenticated()) res.send(401); else next(); }; //================================================================== // Start express application var app = express(); // all environments app.set('port', process.env.PORT || 3000); app.use(express.favicon()); app.use(express.cookieParser()); app.use(express.bodyParser()); app.use(express.methodOverride()); app.use(express.session({ secret: 'securedsession' })); app.use(passport.initialize()); // Add passport initialization app.use(passport.session()); // Add passport initialization app.use(app.router); app.all('*', function(req, res, next) { res.header("Access-Control-Allow-Origin", "*"); res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept"); next(); }); // development only if ('development' == app.get('env')) { app.use(express.errorHandler()); } //================================================================== // routes app.get('/', function(req, res){ res.render('index', { title: 'Express' }); }); app.get('/users', auth, function(req, res){ res.send([{name: "user1"}, {name: "user2"}]); }); //================================================================== //================================================================== // route to test if the user is logged in or not app.get('/loggedin', function(req, res) { res.send(req.isAuthenticated() ? req.user : '0'); }); // route to log in app.post('/login', passport.authenticate('local'), function(req, res) { res.send(req.user); }); // route to log out app.post('/logout', function(req, res){ req.logOut(); res.send(200); }); //================================================================== http.createServer(app).listen(app.get('port'), function(){ console.log('Express server listening on port ' + app.get('port')); }); 

客户端Js文件

 'use strict'; /********************************************************************** * Angular Application **********************************************************************/ var app = angular.module('app', ['ngResource','ngRoute']) .config(function($routeProvider, $locationProvider, $httpProvider) { //================================================ // Check if the user is connected //================================================ var checkLoggedin = function($q, $timeout, $http, $location, $rootScope){ // Initialize a new promise var deferred = $q.defer(); // Make an AJAX call to check if the user is logged in $http.get('http://localhost:3000/loggedin').success(function(user){ // Authenticated if (user !== '0') $timeout(deferred.resolve, 0); // Not Authenticated else { $rootScope.message = 'You need to log in.'; $timeout(function(){deferred.reject();}, 0); $location.url('/login'); } }); return deferred.promise; }; //================================================ //================================================ // Add an interceptor for AJAX errors //================================================ $httpProvider.responseInterceptors.push(function($q, $location) { return function(promise) { return promise.then( // Success: just return the response function(response){ return response; }, // Error: check the error status to get only the 401 function(response) { if (response.status === 401) $location.url('/login'); return $q.reject(response); } ); } }); //================================================ //================================================ // Define all the routes //================================================ $routeProvider .when('/', { templateUrl: 'views/main.html' }) .when('/admin', { templateUrl: 'views/admin.html', controller: 'AdminCtrl', resolve: { loggedin: checkLoggedin } }) .when('/login', { templateUrl: 'views/login.html', controller: 'LoginCtrl' }) .otherwise({ redirectTo: '/login' }); //================================================ }) // end of config() .run(function($rootScope, $http){ $rootScope.message = ''; // Logout function is available in any pages $rootScope.logout = function(){ $rootScope.message = 'Logged out.'; $http.post('http://localhost:3000/logout'); }; }); /********************************************************************** * Login controller **********************************************************************/ app.controller('LoginCtrl', function($scope, $rootScope, $http, $location) { // This object will be filled by the form $scope.user = {}; // Register the login() function $scope.login = function(){ $http.post('http://localhost:3000/login', { username: $scope.user.username, password: $scope.user.password, }) .success(function(user){ // No error: authentication OK $rootScope.message = 'Authentication successful!'; $location.url('/admin'); }) .error(function(){ // Error: authentication failed $rootScope.message = 'Authentication failed.'; $location.url('/login'); }); }; }); /********************************************************************** * Admin controller **********************************************************************/ app.controller('AdminCtrl', function($scope, $http) { // List of users got from the server $scope.users = []; // Fill the array to display it in the page $http.get('http://localhost:3000/users').success(function(users){ for (var i in users) $scope.users.push(users[i]); }); }); 

  res.header('Access-Control-Allow-Credentials', true); 

  xhrFields: { withCredentials: true } 

 var cookieParser = require('cookie-parser'); ... var passport = require('passport'); var expressSession = require('express-session'); var initPassport = require('./passport/init'); initPassport(passport); ... self.app.use(cookieParser()); self.app.use(expressSession({secret: 'MYSECRETISVERYSECRET', saveUninitialized: true, resave: true})); self.app.use(passport.initialize()); self.app.use(passport.session()); ... var routes = require('./routes/index')(passport); self.app.use('/', routes); 

 var login = require('./login'); var signup = require('./register'); var User = require('../models/user'); module.exports = function(passport) { // Passport needs to be able to serialize and deserialize users to support persistent login sessions passport.serializeUser(function(user, done) { console.log('serializing user: '); console.log(user); done(null, user._id); }); passport.deserializeUser(function(id, done) { User.findById(id, function(err, user) { console.log('deserializing user:', user); done(err, user); }); }); // Setting up Passport Strategies for Login and SignUp/Registration login(passport); signup(passport); } 

 var passport = require('passport'); var User = require('../models/user'); ... var isAuthenticated = function (req, res, next) { // if user is authenticated in the session, call the next() to call the next request handler // Passport adds this method to request object. A middleware is allowed to add properties to // request and response objects if (req.isAuthenticated()) return next(); // if the user is not authenticated then redirect him to the login page res.redirect('/login'); } 

 request.login() 

 app.post('/login', function(request, response, next) { console.log(request.session) passport.authenticate('login', function(err, user, info) { if(!user){ response.send(info.message);} else{ request.login(user, function(error) { if (error) return next(error); console.log("Request Login supossedly successful."); return response.send('Login successful'); }); //response.send('Login successful'); } })(request, response, next); } ); 

 var session = require('express-session'); // required for passport session app.use(session({ secret: 'secrettexthere', saveUninitialized: true, resave: true, // using store session on MongoDB using express-session + connect store: new MongoStore({ url: config.urlMongo, collection: 'sessions' }) })); // Init passport authentication app.use(passport.initialize()); // persistent login sessions app.use(passport.session()); 

 req.session.save(function() { successRedirect(); }) 

 var app = express(); app.use(query.json()); app.use(query.urlencoded({ extended: false })); app.use(cookies()); app.use(express.static(path.join(__dirname, 'public'))); app.use(passport.initialize()); app.use(passport.session()); app.use(session({ secret: 'card', resave: true, saveUninitialized: true })); app.use('/', routes); // this is where I call passport.authenticate() 

 app.use(session({ secret: 'card', resave: true, saveUninitialized: true })); app.use(query.json()); app.use(query.urlencoded({ extended: false })); app.use(cookies()); app.use(express.static(path.join(__dirname, 'public'))); app.use(passport.initialize()); app.use(passport.session()); app.use('/', routes); 

• 写一个聊天应用程序
• Android上的node.js npm

• 如何以编程方式login到使用Google身份validation的网站
• 将护照openID-stategy与智威汤逊结合在一起
• 第三方用户使用电子validation
• NodeJS＆Express身份validation中间件无法正常运行
• 在GraphQL服务器中实现访问控制的好模式是什么？
• 同样的Google云端存储上传脚本可以在一台电脑上运行，但是不能运行，为什么？
• 节点js – 用户身份validation，在会话中存储什么？
• 我们如何在Web应用程序中进行身份validation？
• Angular Node JWT令牌authentication和页面redirect