Wednesday, 3 May 2017

Passport deserialize execution not happening

Im currently using angular localhost running on port 4200, and server sided api running on 3000.

Im having trouble getting the req.user to work, probably cause deserialize function is never beeing called in my code.

i tought it was a issue for cross domain so i added

app.use(function(req, res, next) {
    res.header('Access-Control-Allow-Credentials', true);
    res.header('Access-Control-Allow-Origin', req.headers.origin);
    res.header('Access-Control-Allow-Methods', 'GET,PUT,POST,DELETE');
    res.header('Access-Control-Allow-Headers', 'X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept');
    if ('OPTIONS' == req.method) {
        res.send(200);
    } else {
        next();
    }
});

in the server.js, but i didnt make any difference.

Main issue: Req.user wont work after login and redirecting to page /test. sub-issue: noticed that deserialize function never is called.

server.js

var express    = require('express');        // call express
var app        = express();                 // define our app using express
var bodyParser = require('body-parser');
var mongoose = require('mongoose');
var session      = require('express-session');
var router = express.Router();
var Account = require('src/app/models/Users.js');
var Core = require('src/app/gamemodels/core');
// Init passport authentication
var passport = require('passport');
var Strategy = require('passport-local').Strategy;
require('src/config/passport')(passport);
var cookieParser = require('cookie-parser')


app.use(function(req, res, next) {
    res.header('Access-Control-Allow-Credentials', true);
    res.header('Access-Control-Allow-Origin', req.headers.origin);
    res.header('Access-Control-Allow-Methods', 'GET,PUT,POST,DELETE');
    res.header('Access-Control-Allow-Headers', 'X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept');
    if ('OPTIONS' == req.method) {
        res.send(200);
    } else {
        next();
    }
});


// required for passport session

app.use(bodyParser.urlencoded({ extended: true }));
app.use(bodyParser.json());
mongoose.connect('database');
app.use(cookieParser()) // required before session.

app.use(session({
    secret: 'xxx',
    cookie: {
        secure: false
    }}));

app.use(passport.initialize());
app.use(passport.session());



console.log(mongoose.connection.readyState);
app.use(function (req, res, next) {
    console.log('Time:', Date.now());

   // core.loggameRequest();
    next();
});


var port = process.env.PORT || 3000;        // set our port


// test route to make sure everything is working (accessed at GET http://localhost:8080/api)
router.get('/', function(req, res) {
    res.json({ text: 'hooray! welcome to our api!' });
});


router.get('/test', function(req,res) {
    console.log(req.user);
    res.json(req.user);
});

router.get("/getuser", function(req,res) {
    Account.findOne({}, function (err,response) {
        console.log("starting core...");
        console.log(Core);
        console.log("core log end");
    //    Core.experienceToRankDetails(response.xp,'female');
        console.log("executed!");
     //   res.json(response);
        Core.experienceToRankDetails(response.xp,'female').then(function (result) {

            res.json({user: response, rank: result});

        });

    });
});

router.get('/onlinestate', function(req,res) {
    if (req.user) {
        res.json(true);

    } else {
        res.json(false);
    }
});


router.post('/signup', passport.authenticate('local-signup', {
    successRedirect : '/profile', // redirect to the secure profile section
    failureRedirect : '/signup', // redirect back to the signup page if there is an error
}));

router.post('/login', passport.authenticate('local-login'), function(req, res) {

    console.log("executed login!");
    console.log(req.user);
    req.session.user = req.user;
    req.logIn(req.user, function (err) { // have this in passport login too, but tried it here too .
        if (err) {
            return next(err);
        }

    });

});

/*
router.post('/login', function(req,res) {
    console.log("routing post login");
    console.log(req.body);
    console.log(req.user);

    var username = req.body.username;
    var password = 0;
    console.log("using passport");
    passport.authenticate('local', {failureRedirect: '/login'}, function (req, res) {
        console.log("performed!");
        res.redirect('/');
    });






});
*/



// more routes for our API will happen here

// REGISTER OUR ROUTES -------------------------------
// all of our routes will be prefixed with /api
app.use('/api', router);



*/
// START THE SERVER
// =============================================================================
app.listen(port);
console.log('Magic happens on port ' + port);

passport:

// config/passport.js

// load all the things we need
var LocalStrategy   = require('passport-local').Strategy;

// load up the user model
var Account = require('src/app/models/Users.js');

// expose this function to our app using module.exports
module.exports = function(passport) {

    passport.serializeUser(
        function(user, done){
            console.log("serialize");
            done(null, user.id);
        });

    passport.deserializeUser(
        function(id, done){
            console.log("deserialize " + id);
            Account.findById(id, function(err, user){
                if(err){
                    done(err);
                }
                done(null, user);
            });
        });
    passport.use('local-login', new LocalStrategy({
            // by default, local strategy uses username and password, we will override with email
            usernameField : 'username',
            passwordField : 'password',
            passReqToCallback : true // allows us to pass back the entire request to the callback
        },
        function(req, username, password, done) { // callback with email and password from our form
            console.log("doing local login");
            // find a user whose email is the same as the forms email
            // we are checking to see if the user trying to login already exists
            Account.findOne({ 'username' :  username }, function(err, user) {
                var thisuser = user;
                console.log("query account is done");
                // if there are any errors, return the error before anything else
                if (err) {
                    console.log("error occured");
                    return done(err);
                }

                console.log("if user exist check");


                // if no user is found, return the message
                if (!user)
                    return done(null, false,'No user found.'); // req.flash is the way to set flashdata using connect-flash


                console.log("checking password");
                // if the user is found but the password is wrong
                if (!user.validPassword(password)) {
                    console.log("password is not valid");
                    return done(null, false, 'Oops! Wrong password.'); // create the loginMessage and save it to session as flashdata

                }
                console.log("all good! logging in!");


                req.login(thisuser, function(error) {
                    if (error) return next(error);
                    console.log(error);

                    console.log("Request Login supossedly successful.");
                });

                // all is well, return successful user
                return done(null, thisuser);
            });

        }));

    passport.use('local-signup', new LocalStrategy({
            // by default, local strategy uses username and password, we will override with email
            usernameField : 'email',
            passwordField : 'password',
            passReqToCallback : true // allows us to pass back the entire request to the callback
        },
        function(req, username, password, done) {
            process.nextTick(function() {
                    console.log("doing local signup");
                // find a user whose email is the same as the forms email
                // we are checking to see if the user trying to login already exists
                Account.findOne({ 'username' :  username }, function(err, user) {
                    // if there are any errors, return the error
                    if (err)
                        return done(err);

                    // check to see if theres already a user with that email
                    if (user) {
                        return done(null, false, 'That username is already taken.');
                    } else {

                        var newUser            = new Account();

                        // set the user's local credentials
                        newUser.username    = username;
                        newUser.password = newUser.encryptPassword(password);

                        // save the user
                        newUser.save(function(err) {
                            if (err)
                                throw err;
                            return done(null, newUser);
                        });
                    }

                });

            });

        }));

};

user variable contains:

{ _id: 5909a6c0c5a41d13340ecf94,
  password: '$2a$10$tuca/t4HJex8Ucx878ReOesICV6oJoS3AgYc.LxQqCwKSV8I3PenC',
  username: 'admin',
  __v: 0,
  inFamily: false,
  bank: 500000,
  cash: 1,
  xp: 0,
  rank: 1,
  bullets: 0,
  location: 1,
  permission: 0,
  health: 100 }

response from server after logging in: (post to /login route)

doing local login
query account is done
if user exist check
checking password
all good! logging in!
serialize
undefined
Request Login supossedly successful.
serialize
executed login!
{ _id: 5909a6c0c5a41d13340ecf94,
  password: '$2a$10$tuca/t4HJex8Ucx878ReOesICV6oJoS3AgYc.LxQqCwKSV8I3PenC',
  username: 'admin',
  __v: 0,
  inFamily: false,
  bank: 500000,
  cash: 1,
  xp: 0,
  rank: 1,
  bullets: 0,
  location: 1,
  permission: 0,
  health: 100 }
serialize

server response from visiting /test

undefined



via maria

No comments:

Post a Comment