【发布时间】:2020-01-31 22:27:48
【问题描述】:
我目前正在尝试构建一个快速服务器,允许用户通过两个第三方服务进行身份验证:Google 和 Steam。身份验证是通过 JWT 完成的,当仅激活两个服务之一时它可以工作,但是当用户使用这两个服务之一登录时,我无法让受保护的路由工作。
代码:
const express = require('express');
const bodyParser = require('body-parser');
const {gAuth, gProtect} = require('./auth/google_auth');
const {sAuth, sProtect} = require('./auth/steam_auth');
const app = express();
gAuth(app);
sAuth(app);
//middlewares
app.use(express.static('views'));// folder in which to put the static files (html, css, js client)
app.use(bodyParser.json({limit: '50mb'})); // read json
//middlewares (just for the widget)
app.use(bodyParser.urlencoded({ extended: true , limit: '50mb'})); // read form enctype data
app.set('view engine', 'ejs'); // set the engine render ejs for dynamic building of html pages with ejs tags
//set up routers for v1 app
const genericRouter = require('./routes/generic_router'); //testing if the application is working
const secureRouter = require('./routes/secure_router'); //testing if normal auth is working
//set up routers for latest version app
app.use('/', genericRouter);
app.use('/', gProtect(), secureRouter);//protected end-points (requiring auth)
app.use('/', sProtect(), secureRouter);
module.exports = app;
问题出在
app.use('/', gProtect(), secureRouter);//protected end-points (requiring auth)
app.use('/', sProtect(), secureRouter);
bit,因为第二个 app.use 会覆盖第一个,导致所有通过 Google 进行的身份验证尝试都失败。我该怎么做才能使用户可以使用 Google 或 Steam 访问受保护的路由?
【问题讨论】:
标签: node.js express authentication