我有一个MERN Web应用程序,其中客户端托管在Netlify上,服务器托管在Heroku上。我使用Google OAuth 2.0通过Passport.js进行用户身份验证。特别是,我有它,如果用户成功登录,他们会被重定向到路由/auth/protected,在那里我使用该用户的电子邮件。如果身份验证失败,他们只是简单地注销并重定向到前端的页面。
身份验证在本地工作完美部署后,当Google成功验证用户时,我得到一个内部服务器错误,因为req.user为null,所以我无法获得电子邮件(Heroku错误:TypeError: Cannot read properties of undefined (reading 'emails')).我一直无法弄清楚为什么部署后req.user是null.我已经成功地验证了我的OAuth同意屏幕上的谷歌云,包含正确的URI,发布状态为“生产中”,并在“授权的JavaScript来源”中包含客户端和服务器URL。
谢谢你的时间和帮助:)
我的身份验证文件(我没有连接到mongoose/mongodb,因为我没有在那里存储用户):
const GoogleStrategy = require("passport-google-oauth20").Strategy;
const passport = require("passport");
passport.use(
new GoogleStrategy(
{
clientID: process.env.GOOGLE_CLIENT_ID,
clientSecret: process.env.GOOGLE_CLIENT_SECRET,
callbackURL: process.env.GOOGLE_CLIENT_URL,
scope: ["email"],
},
function (accessToken, refreshToken, profile, cb) {
cb(null, profile);
}
)
);
passport.serializeUser(function (user, done) {
done(null, user);
});
passport.deserializeUser(function (user, done) {
done(null, user);
});字符串
我的服务器的相关部分:
const express = require("express");
const mongoose = require("mongoose");
const dotenv = require("dotenv");
const cors = require("cors");
const bodyParser = require("body-parser");
require("./auth");
const passport = require("passport");
const session = require("express-session");
var path = require("path");
// URI Configuration
dotenv.config();
// App Init
const app = express();
// DB Connection
mongoose.connect(process.env.DB_URI);
// Middleware
app.use(express.json());
app.use(bodyParser.urlencoded({ extended: false }));
app.use(bodyParser.json());
app.use(
cors({
origin: "THE_ORIGIN_LINK",
methods: "GET,POST,PUT,DELETE",
credentials: true,
})
);
app.use(
session({
secret: process.env.SESSION_SECRET,
resave: true,
saveUninitialized: false,
cookie: { secure: true },
})
);
app.use(passport.initialize());
app.use(passport.session());型
认证相关部分:
const passport = require("passport");
// User's email
var email;
// Send google authentication
const getAuthentication = passport.authenticate("google", ["email"]);
// Google callback after authentication
const getCallback = passport.authenticate("google", {
// URL to bring to user to upon success
successRedirect: "/auth/protected",
// URL to bring to user to upon failure
failureRedirect: "/auth/failure",
});
// Authentication success
const getSuccess = (req, res, next) => {
// Set email
email = req.user.emails[0].value;
// Check for the correct user
if (req.user.emails[0].value === process.env.AUTHENTICATION_EMAIL) {
res.redirect("REDIRECT_LINK");
} else {
getLogout(req, res, next);
}
};
// Authentication failure
const getFailure = (req, res, next) => {
// Delete session and cookie
req.session.destroy((err) => {
res.clearCookie("connect.sid");
res.redirect("REDIRECT_LINK");
});
};
// Logout
const getLogout = (req, res, next) => {
// Reset email variable
email = null;
// Logout
req.logout(function (err) {
if (err) {
console.log("Error logging out: " + err);
return next(err);
}
});
// Delete session and cookie
req.session.destroy((err) => {
res.clearCookie("connect.sid");
res.redirect("REDIRECT_LINK");
});
};
module.exports = {
getAuthentication,
getCallback,
getSuccess,
getFailure,
getLogout,
};型
1条答案
按热度按时间ewm0tg9j1#
你试过这个吗?
字符串
查看此YouTube教程:
OAuth2.0 React + Passport Course | Full Dev & Deployment