我想在我的MEAN堆栈应用程序上进行Facebook授权。我正在使用passport
和passport-facebook
。我不使用jade
或ejs
,我想使用纯粹的angularjs。当我运行我的应用程序,并单击按钮“登录”,我得到以下错误:MEAN堆栈Facebook授权错误:No'Access-Control-Allow-Origin'标头?
XMLHttpRequest cannot load https://www.facebook.com/dialog/oauth?response_type=code&redirect_uri=http%…2Flocalhost%3A3030%2Fauth%2Ffacebook%2Fcallback&client_id=....
No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:3030' is therefore not allowed access.
我做了一些研究,发现节点cors
模块可以解决这个问题,但事实并非如此。
我做了什么错,我该如何解决?
这里是我的routes.js文件(服务器端):
app.get('/auth/facebook', passport.authenticate('facebook'));
app.get('/auth/facebook/callback', passport.authenticate('facebook', {
successRedirect: '/success',
failureRedirect: '/error'
}));
app.post('/success', function(req, res, next) {
User.findById(req.session.passport.user, function(err, user) {
if(err){
res.send({success:false});
}else{
res.send({success:true,user: user});
}
});
});
app.get('/logout', function(req, res){
req.logout();
res.redirect('/');
res.end();
});
app.post('/error', function(req, res, next) {
res.send({success:false});
});
这里是我的passport.js
文件(服务器端):
注:clientID
,clientSectret
和callbackURL
是另一个文件(config.js
)。但它们是有效的。
passport.use(new FacebookStrategy({
clientID: config.facebookAuth.clientID,
clientSecret: config.facebookAuth.clientSecret,
callbackURL: config.facebookAuth.callbackURL
},
function(accessToken, refreshToken, profile, done) {
User.findOne({ oauthID: profile.id }, function(err, user) {
if(err) { console.log(err); }
if (!err && user != null) {
done(null, user);
} else {
var user = new User({
oauthID: profile.id,
name: profile.displayName,
created: Date.now()
});
user.save(function(err) {
if(err) {
console.log(err);
} else {
console.log("saving user ...");
done(null, user);
}
});
}
});
}
));
// serialize and deserialize
passport.serializeUser(function(user, done) {
console.log('serializeUser: ' + user._id)
done(null, user._id);
});
passport.deserializeUser(function(id, done) {
User.findById(id, function(err, user){
console.log(user)
if(!err) {done(null, user);}
else {done(err, null)}
});
});
这里是我的快递配置文件:express.js
(服务器端):
var express = require('express'),
passport = require('passport'),
cookieParser = require('cookie-parser'),
bodyParser = require('body-parser'),
session = require('express-session'),
cors = require('cors');
var whitelist = ['https://www.facebook.com'];
var corsOptions = {
origin: function(origin, callback){
var originIsWhitelisted = whitelist.indexOf(origin) !== -1;
callback(null, originIsWhitelisted);
}
};
module.exports = function (app, config) {
app.set('view engine', 'ejs');
app.use(cookieParser());
app.use(bodyParser());
app.use(cors(corsOptions));
app.use(session({secret:"car advisor secret"}));
app.use(passport.initialize());
app.use(passport.session());
app.use(express.static(config.rootPath+"/public"));
}
客户端
这里是我的html文件:
<body>
<div class="navbar-right" ng-controller="LoginCtrl">
<form class="navbar-form" >
<a class="btn btn-primary" ng-click="signin()" ng-show="!identity.isAuthenticated()">Sign in</a>
<a class="btn btn-primary" ng-click="signout()" ng-show="identity.isAuthenticated()">Sign out | {{identity.currentUser.name}}</a>
</form>
</div>
<ng-view></ng-view>
这里我的登录控制器:
$scope.signin = function(username, password) {
authService.authenticateUser(username, password).then(function(success) {
if (success){
console.log("You have successfully signed in!");
}
});
}
$scope.signout = function() {
authService.logoutUser().then(function() {
console.log("You have successfully signed out!");
$location.path('/');
});
}
这里是我的服务,处理的服务器通信(authService.js):
carApp.factory('authService', function($http, Identity, $q, $cookieStore, $resource) {
return {
authenticateUser: function(username, password) {
var dfd = $q.defer();
$http.get('/auth/facebook').
success(function(data, status, headers, config) {
if (data.success) {
Identity.currentUser = response.data.user;
$cookieStore.put('user', response.data.user);
dfd.resolve(true);
} else {
$cookieStore.remove('user');
dfd.resolve(false);
}
});
return dfd.promise;
},
logoutUser: function() {
var dfd = $q.defer();
$http.get('/logout').success(function() {
Identity.currentUser = undefined;
$cookieStore.remove('user');
dfd.resolve();
});
return dfd.promise;
}
我面临着类似的issue..did你得到了这个解决方案..?你能帮助我吗? – 2016-12-23 15:10:26