Passport local strategy auth seems to only work on localhost with a shared MongoDB instance

冷暖自知 提交于 2021-01-28 14:06:37

问题


This is a weird one, but I'm not sure what else could be going on. I've successfully deployed the passport-local strategy for a Node.js Express app with user accounts stored in MongoDB. I'm using Mongo as a service via MongoLab.

My accounts and login auth works as expected locally. But when I deploy my app to AWS (using the same Mongo service still), the same account credentials fail. I'm wondering... is Passport somehow using the URL, port, or other environment-specific information to authenticate users? Perhaps in how password lookup is performed?

I've narrowed it down to the passport.authenticate('local') middleware, although it would surprise me if this library somehow performed differently in different environments with the exact same code.

I should also mention that I'm using the passport-local-mongoose plugin for my User model.


回答1:


OK - I figured this out.

On my local system, I had a newer version of node, but on my deployed version (on AWS ElasticBeanstalk) it was using v0.10.36.

If you look at the code for passport-local-mongoose you'll see this:

var pbkdf2DigestSupport = semver.gte(process.version, '0.12.0');
...
var pbkdf2 = function(password, salt, callback) {
  if (pbkdf2DigestSupport) {
    crypto.pbkdf2(password, salt, options.iterations, options.keylen, options.digestAlgorithm, callback);
  } else {
    crypto.pbkdf2(password, salt, options.iterations, options.keylen, callback);
  }
};

So if the two different versions of node has one above 0.12.0 and one below, you are going to get different crypto functionality.



来源:https://stackoverflow.com/questions/34080488/passport-local-strategy-auth-seems-to-only-work-on-localhost-with-a-shared-mongo

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!