我现在正在尝试在我的应用程序中使用护照模块。
我正在阅读一些手册,其中有这么说:
app.use(passport.initialize());
app.use(passport.session());
app.use(passport.initialize())
是做什么的?
passport.session()
可能是给Passport使用会话信息的,
但我对passport.initialize()
一无所知。
我现在正在尝试在我的应用程序中使用护照模块。
我正在阅读一些手册,其中有这么说:
app.use(passport.initialize());
app.use(passport.session());
app.use(passport.initialize())
是做什么的?
passport.session()
可能是给Passport使用会话信息的,
但我对passport.initialize()
一无所知。
initialize()
函数会设置序列化/反序列化用户数据的函数。passport.initialize()
。/**
* Passport initialization.
*
* Intializes Passport for incoming requests, allowing authentication strategies
* to be applied.
*
* If sessions are being utilized, applications must set up Passport with
* functions to serialize a user into and out of a session. For example, a
* common pattern is to serialize just the user ID into the session (due to the
* fact that it is desirable to store the minimum amount of data in a session).
* When a subsequent request arrives for the session, the full User object can
* be loaded from the database by ID.
*
* Note that additional middleware is required to persist login state, so we
* must use the `connect.session()` middleware _before_ `passport.initialize()`.
*
* If sessions are being used, this middleware must be in use by the
* Connect/Express application for Passport to operate. If the application is
* entirely stateless (not using sessions), this middleware is not necessary,
* but its use will not have any adverse impact.
...
passport.initialize()
是否与使用 session
有关,这取决于您实现 JWT 认证的方式。目前我无法告诉您更多信息。 - jpenna根据Passportjs文档:
在基于Connect或Express的应用中,需要使用passport.initialize()中间件来初始化Passport。如果您的应用程序使用持久登录会话,则还必须使用passport.session()中间件。
如果我们查看源代码, 我们可以看到passport.initialize()中间件基本上将passport实例添加到传入请求中,以便可以进行身份验证策略。
如果有会话,它也会被添加到请求中。