Passport本地策略完成callback不会传递错误json消息

我想通过一个JSON消息,当身份validation失败,使用完成callback在LocalStrategy,但我得到的是401和“未经授权”string的响应。

var express = require('express'); var bodyParser = require('body-parser'); var passport = require('passport'); var LocalStrategy = require('passport-local').Strategy; var app = express(); app.use(bodyParser.json()); app.use(passport.initialize()); passport.serializeUser(function(user, done) { done(null, user.email); }); var strategy = new LocalStrategy({ usernameField: 'email' }, function (email, password, done) { if (email === 'test@gmail.com' && password === 'pass') { return done(null, { email: 'test@gmail.com' }); } else { // never get this json object on the client side when posting invalid credentials return done(null, false, { message: 'invalid email or password' }); } } ); passport.use(strategy); app.post('/login', passport.authenticate('local'), function(req, res) { console.log(req.user); res.json(req.user); }); app.get('/', function(req, res) { res.json({ message: 'hello!' }); }); var server = app.listen(3000, function() { console.log('api is listening on ', server.address().port); }); 

的package.json

 { "name": "passport_example", "version": "1.0.0", "description": "", "main": "app.js", "scripts": { "test": "echo \"Error: no test specified\" && exit 1" }, "author": "", "license": "ISC", "dependencies": { "body-parser": "^1.13.3", "express": "^4.13.3", "passport": "^0.2.2", "passport-local": "^1.0.0" } } 

我究竟做错了什么?

您正在设置的message值存储在会话和闪存中。 我不认为护照有任何select发送json错误消息。 但是您可以在authenticate方法中传递callback并从那里发送消息:

 app.post('/login', function(req, res, next ){ passport.authenticate('local', function(err, user, info) { if (err) { return next(err) } if (!user) { return res.json( { message: info.message }) } res.json(user); })(req, res, next); });