Node.JS
NodeJS的注册登录模块:lockit
Lockit是一个可以作为插件模块插入Node.JS 和Express中,帮助你实现从用户初始注册到后续密码管理一系列流程。
npm install lockit
lockit特点:
- 支持多个数据库(MongoDB, CouchDB, SQL).
- 发送确认邮件
- 管理邮件地址验证和验证链接。
- 带有自己的Bootstrap视图页面易于定制。
- 在多次失败登录后账号锁定
- 登录 登出 注册和注销等事件
- lots of best pratices的实现
- REST API
- Authentication for SPAs and CSRF support.
使用
var Lockit = require('lockit');
var app = express();
// express middleware
// ...
// sessions are required
app.use(express.cookieParser('your secret here'));
app.use(express.cookieSession());
var config = {
db: 'mongodb://127.0.0.1/test',
dbCollection: 'users'
};
// use middleware before router so your own routes have access to
// req.session.email and req.session.username
var lockit = new Lockit(app, config);
// you now have all the routes like /login, /signup, etc.
// and you can listen on events. For example 'signup'
lockit.on('signup', function(user, res) {
console.log('a new user signed up');
// set signup.handleResponse to 'false' for this to work
res.send('Welcome!');
});
app.use(app.router);
// continue with express middleware
// ...
缺省情况并不会发送Email,这样你就接受不到任何注册用户和密码,只有设置邮件服务器才可以,使用mailgun 你可以每个月发送免费发送1万个邮件,使用 nodemailer配置如下:
config = {
emailType: 'SMTP',
emailSettings: {
service: 'Mailgun',
auth: {
user: 'postmaster@username.mailgun.org',
pass: 'secret-password'
}
}
}
定制视图
Lockit缺省是基于Bootstrap定制的内部视图,如果你要使用自己的,将它们放入views目录即可,例如 views/lockit/myLogin.jade.
config = {
login: {
route: '/login',
logoutRoute: '/logout',
views: {
login: 'lockit/myLogin.jade',
loggedOut: 'lockit/myLogoutSuccess.jade'
}
}
}
授权验证路由
From lockit-signup
- GET /signup
- POST /signup
- GET /signup/:token
- GET /signup/resend-verification
- POST /signup/resend-verification
From lockit-login
- GET /login
- POST /login
- GET /logout
- GET /forgot-password
- POST /forgot-password
- GET /forgot-password/:token
- POST /forgot-password/:token
- GET /delete-account
- POST /delete-account