2018-10-10 18:03:03 -04:00
|
|
|
---
|
|
|
|
|
id: 5895f70df9fc0f352b528e6a
|
2020-12-16 00:37:30 -07:00
|
|
|
title: 创建新的中间件
|
2018-10-10 18:03:03 -04:00
|
|
|
challengeType: 2
|
2020-09-17 03:49:58 -07:00
|
|
|
forumTopicId: 301551
|
2021-01-13 03:31:00 +01:00
|
|
|
dashedName: create-new-middleware
|
2018-10-10 18:03:03 -04:00
|
|
|
---
|
|
|
|
|
|
2020-12-16 00:37:30 -07:00
|
|
|
# --description--
|
2020-09-17 03:49:58 -07:00
|
|
|
|
2020-12-16 00:37:30 -07:00
|
|
|
无论是否登录,或者哪怕用户试图访问其他页面,目前都会跳转到 `/profile`。为了解决这个问题,我们需要在 profile 页面渲染之前进行用户验证,创建中间件就可以实现这个功能。
|
2020-09-17 03:49:58 -07:00
|
|
|
|
2020-12-16 00:37:30 -07:00
|
|
|
这个挑战的目标是创建`ensureAuthenticated(req, res, next)`中间件方法,通过在 *request* 上调用 passports 的`isAuthenticated` 方法,我们可以检查 *req.user* 是否定义,从而确定用户是否通过认证。如果用户已通过验证,就会调用 *next()*,否则我们应重定向到主页并让用户登录。该中间件的实现如下:
|
2020-09-17 03:49:58 -07:00
|
|
|
|
|
|
|
|
```js
|
|
|
|
|
function ensureAuthenticated(req, res, next) {
|
|
|
|
|
if (req.isAuthenticated()) {
|
|
|
|
|
return next();
|
2018-10-10 18:03:03 -04:00
|
|
|
}
|
2020-09-17 03:49:58 -07:00
|
|
|
res.redirect('/');
|
|
|
|
|
};
|
|
|
|
|
```
|
|
|
|
|
|
2020-12-16 00:37:30 -07:00
|
|
|
然后,我们需要把 *ensureAuthenticated* 中间件添加到处理请求的回调之前:
|
2020-09-17 03:49:58 -07:00
|
|
|
|
|
|
|
|
```js
|
|
|
|
|
app
|
|
|
|
|
.route('/profile')
|
|
|
|
|
.get(ensureAuthenticated, (req,res) => {
|
|
|
|
|
res.render(process.cwd() + '/views/pug/profile');
|
|
|
|
|
});
|
|
|
|
|
```
|
|
|
|
|
|
2020-12-16 00:37:30 -07:00
|
|
|
完成上述要求后,你可以在下方提交你的页面链接。如果你遇到了问题,可以参考 [这里](https://gist.github.com/camperbot/ae49b8778cab87e93284a91343da0959) 的答案。
|
2018-10-10 18:03:03 -04:00
|
|
|
|
2020-12-16 00:37:30 -07:00
|
|
|
# --hints--
|
2018-10-10 18:03:03 -04:00
|
|
|
|
2020-12-16 00:37:30 -07:00
|
|
|
`ensureAuthenticated` 中间件应添加到 `/profile`路由中。
|
2018-10-10 18:03:03 -04:00
|
|
|
|
2020-12-16 00:37:30 -07:00
|
|
|
```js
|
|
|
|
|
(getUserInput) =>
|
|
|
|
|
$.get(getUserInput('url') + '/_api/server.js').then(
|
|
|
|
|
(data) => {
|
|
|
|
|
assert.match(
|
|
|
|
|
data,
|
|
|
|
|
/ensureAuthenticated[^]*req.isAuthenticated/gi,
|
|
|
|
|
'Your ensureAuthenticated middleware should be defined and utilize the req.isAuthenticated function'
|
|
|
|
|
);
|
|
|
|
|
assert.match(
|
|
|
|
|
data,
|
|
|
|
|
/profile[^]*get[^]*ensureAuthenticated/gi,
|
|
|
|
|
'Your ensureAuthenticated middleware should be attached to the /profile route'
|
|
|
|
|
);
|
|
|
|
|
},
|
|
|
|
|
(xhr) => {
|
|
|
|
|
throw new Error(xhr.statusText);
|
|
|
|
|
}
|
|
|
|
|
);
|
2018-10-10 18:03:03 -04:00
|
|
|
```
|
|
|
|
|
|
2020-12-16 00:37:30 -07:00
|
|
|
如果没有通过验证,对 /profile 的 GET 请求应重定向到 /
|
2018-10-10 18:03:03 -04:00
|
|
|
|
|
|
|
|
```js
|
2020-12-16 00:37:30 -07:00
|
|
|
(getUserInput) =>
|
|
|
|
|
$.get(getUserInput('url') + '/profile').then(
|
|
|
|
|
(data) => {
|
|
|
|
|
assert.match(
|
|
|
|
|
data,
|
|
|
|
|
/Home page/gi,
|
|
|
|
|
'An attempt to go to the profile at this point should redirect to the homepage since we are not logged in'
|
|
|
|
|
);
|
|
|
|
|
},
|
|
|
|
|
(xhr) => {
|
|
|
|
|
throw new Error(xhr.statusText);
|
|
|
|
|
}
|
|
|
|
|
);
|
2018-10-10 18:03:03 -04:00
|
|
|
```
|
2020-08-13 17:24:35 +02:00
|
|
|
|
2020-12-16 00:37:30 -07:00
|
|
|
# --solutions--
|
|
|
|
|
|
2021-01-13 03:31:00 +01:00
|
|
|
```js
|
|
|
|
|
/**
|
|
|
|
|
Backend challenges don't need solutions,
|
|
|
|
|
because they would need to be tested against a full working project.
|
|
|
|
|
Please check our contributing guidelines to learn more.
|
|
|
|
|
*/
|
|
|
|
|
```
|
