Comments (34)
leiyanggz
commented on April 20, 2024
2
@yandongxu @dangyanglim
https://github.com/leiyanggz/egg-passport-local
from egg.
fengmk2
commented on April 20, 2024
以 oauth 登录作为标准的示例实现。
from egg.
fengmk2
commented on April 20, 2024
from egg.
popomore
commented on April 20, 2024
哈哈,这个也挺老了
from egg.
fengmk2
commented on April 20, 2024
@popomore 我看它是最完善的。
from egg.
fengmk2
commented on April 20, 2024
各种插件一直都在更新 http://web.npm.alibaba-inc.com/package/passport-outlook
from egg.
fengmk2
commented on April 20, 2024
https://github.com/rkusa/koa-passport
from egg.
fengmk2
commented on April 20, 2024
淘宝登录也有需求 egg-taobao-login
from egg.
atian25
commented on April 20, 2024
egg-dingtalk-login 🤔
from egg.
shaoshuai0102
commented on April 20, 2024
认领 egg-weibo-login,接一个先试试
from egg.
fengmk2
commented on April 20, 2024
看来还是得封装 egg-passport-xxx,因为需要统一约定处理 afterAuth,并且将 {token, tokenSecret, profile} 转换为统一字段约定的 user,至少要包含哪些统一命名的字段。
from egg.
atian25
commented on April 20, 2024
这些 passport 的 adapter 跟插件有些区别吧,需允许多个共存,不一样的 eggPlugin.name?
from egg.
popomore
commented on April 20, 2024
感觉直接传 Strategy 实例比较好,不同的 Strategy 参数不一样,也可能会有两个。
exports.passport = {
strategy: [
new TwitterStrategy({
consumerKey: TWITTER_CONSUMER_KEY,
consumerSecret: TWITTER_CONSUMER_SECRET,
callbackURL: "http://127.0.0.1:3000/auth/twitter/callback"
},
function(token, tokenSecret, profile, cb) {
User.findOrCreate({ twitterId: profile.id }, function (err, user) {
return cb(err, user);
});
})
]
};from egg.
popomore
commented on April 20, 2024
把 passport 的 callback API 都要改成 promise 的
from egg.
fengmk2
commented on April 20, 2024
auto0 还有一个 params 参数: accessToken, refreshToken, extraParams, profile https://github.com/auth0/passport-auth0#configuration
from egg.
fengmk2
commented on April 20, 2024
@popomore 还是改成 passport-xx 模式了,每个插件都需要按照统一 user 数据格式实现 verify 方法,生成一个 user,再由应用自行实现总的 verify 来做最终用户校验。没办法每个插件能使用到数据库实现 verify 的。
from egg.
popomore
commented on April 20, 2024
但这个就不算 passport 了,用什么来存储用户信息和 passport 没关系。内部可以直接在 Strategy 里面封装获取用户信息。
from egg.
fengmk2
commented on April 20, 2024
内部可以直接在 Strategy 里面封装获取用户信息。
@popomore 对啊,内部应用代码就不需要实现 verify 了
from egg.
popomore
commented on April 20, 2024
app.passport.verify 的 hook 就是替换 strategy 里的 verify callback 么?
from egg.
fengmk2
commented on April 20, 2024
@popomore 不完全是,strategy verify callback 有 passport-xxx 插件实现。而 app.passport.verify 是我们封装过的,给应用使用的。这样一个应用同时接入多种 strategy,都可以通过同一个 app.passport.verify 实现最终核实过程。
from egg.
popomore
commented on April 20, 2024
恩,功能是一样的,只是数据格式是否统一。他的 passport-stragery 基类其实什么都没做,约定比较松散。
from egg.
fengmk2
commented on April 20, 2024
只是我们约定插件来实现 verify callback
from egg.
fengmk2
commented on April 20, 2024
demo eggjs/examples#14
from egg.
fengmk2
commented on April 20, 2024
对于每次都去缓存读取用户信息的 user,需要默认关闭 passport-session 策略。
- https://github.com/jaredhanson/passport/blob/master/lib/http/request.js#L44
- https://github.com/jaredhanson/passport/blob/master/lib/middleware/authenticate.js#L252
const auth = app.passport.authenticate('alipaysession', {
session: false,
successReturnToOrRedirect: false,
successRedirect: false,
});
// 将 auth 加入全局中间件,让每个请求都过 alipaysession
app.use(auth);但是要追求高性能的话,alipaysession 应该直接走普通中间件,不走 passport 这台,因为它是每次请求都去缓存读取数据的。
from egg.
fengmk2
commented on April 20, 2024
@shaoshuai0102 https://github.com/eggjs/egg-passport-weibo 基本不需要做,我需要想想怎么 mock 方便写单元测试才是王道。
from egg.
atian25
commented on April 20, 2024
这个是不是还缺篇文档?
from egg.
popomore
commented on April 20, 2024
恩,要加一下
from egg.
yandongxu
commented on April 20, 2024
passport-local 该怎么做?有参考么?
from egg.
dangyanglim
commented on April 20, 2024
@yandongxu 我也不会这个 passport-local
from egg.
popomore
commented on April 20, 2024
@leiyanggz 这个没写测试?
from egg.
jackhutu
commented on April 20, 2024
为什么在egg-passport中, 重写passport的方法时, 要把callback去掉, 是暂时不支持还是不打算支持呀?
from egg.
popomore
commented on April 20, 2024
@jackhutu 我们最佳实践是 generator function 和 async function,所有的代码应该看不到 callback。
from egg.
zsbox
commented on April 20, 2024
async login() {
const { body } = this.ctx.request;
const { email: _email, password: _password } = body;
const rule = {
email: {
type: 'email',
},
password: {
type: 'password',
},
};
try {
this.ctx.validate(rule);
} catch (err) {
console.log(err);
this.ctx.redirect('/user');
return;
}
const user = await this.app.mysql.get('users', { email: _email });
const dbpw = user.password;
const fmpw = crypto.MD5(_password).toString();
if (user && dbpw === fmpw) {
console.log('登陆成功');
this.app.passport.serializeUser(async (ctx, user) => {
console.log('000000', user);
// 保存用户信息到session
});
this.ctx.redirect('/user');
} else {
console.log('登陆失败');
}
}
@fengmk2 本地鉴权怎么用啊?感觉调用this.app.passport.serializeUser并没有成功啊 session里没有东西
this.app.passport.deserializeUser方法也没用 教程省略了太多 对小白太难了 求指点
from egg.
atian25
commented on April 20, 2024
app.passport.serializeUser 是写在 app.js 的
from egg.
Related Issues (20)
- 视频资源放在public目录下面报错
- GET 请求带 gzip body 会导致非法异常 HOT 4
- multipart多文件上传 HOT 1
- egg_amqplib 连接中断后导致程序异常退出 HOT 1
- 七牛云拉取文件始终返回404 HOT 10
- 使用ts时tsconfig.json文件配置module只能使用CommonJS,使用ES会报错 HOT 1
- 日志切割后不是 .log 后缀, vscode 不高亮啊
- 国际化用voerkai18n实现,在中间件处理切换语言时,yarn test测试环境不生效,请问会不会是eggjs影响的? HOT 1
- 如果使用AsyncLocalStorage,如何能够在不被Egg管理的类中,也能正确地拿到上下文对象 HOT 12
- 如何升级babel 7?
- jsx as tpl HOT 1
- new version available: 2.3.1 → 3.0.0, not compatible, you must update to use this. HOT 4
- egg-bin 5以上的版本设置端口无效
- 传闻Eggjs不再维护了,是真的吗? HOT 4
- new version available: 2.3.1 → 3.0.0, not compatible, you must update to use this. HOT 7
- 同一个方法在放在eggjs服务schedule 定时模块里面执行就可以获取的到inputElem,但是放到controller模块里面通过接口调用时获取不到呢,再express里面也可以成功调用,debug模式可能获取得到 HOT 3
- v3的文档多会更新,EggLogger 怎么用????? HOT 3
- 使用问题: 请问如何在egg应用下运行脚本,以及如何在脚本中使用app中的service,helper,db等能力 HOT 1
- egg-mysql能配置连接断开后自动重连吗
- eggjs 在容器通过前台启动,如何将stdout和stderr日志输出到日志文件 HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from egg.