用sqlite的node.js护照autentification

以下是使用passport-local创buildSQLite支持的login策略的示例。 Express特定的初始化已被省略。

这个例子假设你有一个包含以下用户表的数据库：

CREATE TABLE "users" ( "id" INTEGER PRIMARY KEY AUTOINCREMENT, "username" TEXT, "password" TEXT, -- sha256 hash of the plain-text password "salt" TEXT -- salt that is appended to the password before it is hashed ) 

 var crypto = require('crypto'); var sqlite3 = require('sqlite3'); var db = new sqlite3.Database('./database.sqlite3'); // ... function hashPassword(password, salt) { var hash = crypto.createHash('sha256'); hash.update(password); hash.update(salt); return hash.digest('hex'); } passport.use(new LocalStrategy(function(username, password, done) { db.get('SELECT salt FROM users WHERE username = ?', username, function(err, row) { if (!row) return done(null, false); var hash = hashPassword(password, row.salt); db.get('SELECT username, id FROM users WHERE username = ? AND password = ?', username, hash, function(err, row) { if (!row) return done(null, false); return done(null, row); }); }); })); passport.serializeUser(function(user, done) { return done(null, user.id); }); passport.deserializeUser(function(id, done) { db.get('SELECT id, username FROM users WHERE id = ?', id, function(err, row) { if (!row) return done(null, false); return done(null, row); }); }); // ... app.post('/login', passport.authenticate('local', { successRedirect: '/good-login', failureRedirect: '/bad-login' }));