passport を用いたログイン
loginRequired について
- loginRequiredStrictly との違いは...?
- code を見てみよう
req.user になぜユーザーデータが入っているのか
- passport を使っている
- 3つの項目の設定が必要
- https://knimon-software.github.io/www.passportjs.org/guide/configure/
- 認証用ストラテジーの選択
- アプリケーションミドルウェア
- セッション管理(省略可)
// passport.js
/**
 * Register passport's LocalStrategy (username / password login).
 *
 * Any previously registered local strategy is reset first. When the
 * 'security:passport-local:isEnabled' config value is falsy nothing is
 * registered and the method returns early, leaving local login unavailable.
 *
 * @memberof PassportService
 */
setupLocalStrategy() {
  this.resetLocalStrategy();

  const { configManager } = this.crowi;
  const localLoginEnabled = configManager.getConfig('crowi', 'security:passport-local:isEnabled');

  // local login is switched off: register nothing
  if (!localLoginEnabled) {
    return;
  }

  logger.debug('LocalStrategy: setting up..');

  const User = this.crowi.model('User');

  // Names of the form fields passport reads the credentials from.
  const fieldNames = {
    usernameField: PassportService.USERNAME_FIELD,
    passwordField: PassportService.PASSWORD_FIELD,
  };

  // Verify callback: look the account up, then check the submitted password.
  const verifyCredentials = (username, password, done) => {
    User.findUserByUsernameOrEmail(username, password, (err, user) => {
      if (err) {
        return done(err);
      }

      // An unknown account and a wrong password get the same generic message,
      // so the reply does not reveal which of the two checks failed.
      const credentialsOk = user && user.isPasswordValid(password);
      if (!credentialsOk) {
        return done(null, false, { message: 'Incorrect credentials.' });
      }

      return done(null, user);
    });
  };

  passport.use(new LocalStrategy(fieldNames, verifyCredentials));

  this.isLocalStrategySetup = true;
  logger.debug('LocalStrategy: setup is done');
}
ログイン時
route
// POST /login: the handlers run in the order listed.
// form.login and csrf come before every authentication handler, so no strategy
// is tried until both have run (presumably form validation and CSRF token
// checking; confirm against their definitions).
// loginWithLocal and loginWithLdap are tried in turn, and loginFailure is
// reached only when the handlers before it pass control on with next().
app.post(
  '/login',
  form.login,
  csrf,
  loginPassport.loginWithLocal,
  loginPassport.loginWithLdap,
  loginPassport.loginFailure,
);
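// login-passport.js
/**
 * Express middleware: try to authenticate the request with passport's
 * LocalStrategy.
 *
 * Every failure (strategy not set up, database error, no matching user,
 * req.logIn error) calls next() so the following handler in the route can
 * run. Only an invalid form re-renders the login page directly.
 *
 * @param {object} req - request; reads req.form.isValid and uses req.flash, req.t and req.logIn
 * @param {object} res - response; used to re-render 'login' when the form is invalid
 * @param {Function} next - passes control to the next handler in the route
 */
const loginWithLocal = (req, res, next) => {
  if (!passportService.isLocalStrategySetup) {
    debug('LocalStrategy has not been set up');
    req.flash('warningMessage', req.t('message.strategy_has_not_been_set_up', { strategy: 'LocalStrategy' }));
    return next();
  }

  if (!req.form.isValid) {
    return res.render('login', {
    });
  }

  passport.authenticate('local', (err, user, info) => {
    debug('--- authenticate with LocalStrategy ---');
    // Log only whether a user was resolved. Dumping the whole user document
    // would copy its credential fields (the password data the strategy checks)
    // into the debug log.
    debug('user found:', Boolean(user));
    debug('info', info);

    if (err) { // DB Error
      logger.error('Database Server Error: ', err);
      req.flash('warningMessage', req.t('message.database_error'));
      return next(); // pass on; the flash message is shown once all authentications have failed.
    }
    if (!user) {
      return next();
    }
    req.logIn(user, (loginErr) => {
      if (loginErr) {
        debug(loginErr.message);
        return next();
      }
      return loginSuccessHandler(req, res, user);
    });
  })(req, res, next);
};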
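/**
 * Rebuild the user object from the id stored in the session.
 *
 * passport calls this when it restores a login session, and the user passed to
 * done() is what request handlers later see as req.user. A missing user is
 * reported through done(err). When imageUrlCached is unset it is refreshed and
 * the user is saved before being handed back.
 */
passport.deserializeUser(async(id, done) => {
  try {
    const user = await User.findById(id);
    // The user document is deliberately not printed here: this callback runs
    // on session restore, so a console.log(user) would write the whole
    // document, credential fields included, to stdout again and again.
    if (user == null) {
      throw new Error('user not found');
    }
    if (user.imageUrlCached == null) {
      await user.updateImageUrlCached();
      await user.save();
    }
    done(null, user);
  }
  catch (err) {
    done(err);
  }
});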