LoopbackJS -用于用户邀请的令牌
我使用回送作为我的应用程序的API服务器。我正在建立一个社交网络,它需要通过电子邮件邀请用户。为了将受邀者与邀请者联系起来,我希望邀请者创建一个与他的userId相关联的“请求令牌”,然后通过电子邮件发送,格式如下:domain.com/册?token=XXXXXX
作为一个基本模型,内置访问令牌模型似乎非常完美,因此我们的想法是创建一个继承自AccessToken模型的新模型“AccessToken”,但是,新模型也用于身份验证,我不想这样做。
下面是我的配置文件。值得一提的是,下面看到的“客户”模型正在扩展回退“用户”模型。
/server/model-config.json:
"_meta": {
"sources": [
"loopback/common/models",
"loopback/server/models",
"../common/models",
"./models"
],
"mixins": [
"loopback/common/mixins",
"loopback/server/mixins",
"../node_modules/loopback-ds-timestamp-mixin",
"../common/mixins",
"./mixins"
]
},
"User": {
"dataSource": "db",
"public": false
},
"AccessToken": {
"dataSource": "db",
"public": false,
"relations": {
"user": {
"type": "belongsTo",
"model": "Customer",
"foreignKey": "userId"
}
}
},
"ACL": {
"dataSource": "db",
"public": false
},
"RoleMapping": {
"dataSource": "db",
"public": false,
"options": {
"strictObjectIDCoercion": true
}
},
"Role": {
"dataSource": "db",
"public": false
},
"Email": {
"dataSource": "mail",
"public": false
},
"Customer": {
"dataSource": "db",
"public": true
},
"Friend": {
"dataSource": "db",
"public": true
},
"Memory": {
"dataSource": "db",
"public": true
},
"RequestToken": {
"dataSource": "db",
"public": true
}
}在“客户”项下,我也试图包括:
"relations": {
"accessTokens": {
"type": "hasMany",
"model": "AccessToken",
"foreignKey": "userId",
"options": {
"disableInclude": true
}
}
}common/customer.json
{
"name": "Customer",
"base": "User",
"idInjection": true,
"options": {
"validateUpsert": true
},
"mixins": {
"TimeStamp": true
},
"properties": {
"firstName": {
"type": "string",
"required": true
},
"lastName": {
"type": "string",
"required": true
},
"dob": {
"type": "date"
},
"country": {
"type": "string"
}
},
"validations": [],
"relations": {
"accessTokens": {
"type": "hasMany",
"model": "AccessToken",
"foreignKey": "userId",
"options": {
"disableInclude": true
}
},
"requestTokens": {
"type": "hasMany",
"model": "RequestToken",
"foreignKey": "userId",
"options": {
"disableInclude": true
}
}
},
"acls": [
{
"accessType": "EXECUTE",
"principalType": "ROLE",
"principalId": "$owner",
"permission": "ALLOW"
},
{
"accessType": "*",
"principalType": "ROLE",
"principalId": "$everyone",
"permission": "DENY"
}
],
"methods": {}
}common/request-token.json
{
"name": "RequestToken",
"base": "AccessToken",
"idInjection": true,
"options": {
"validateUpsert": true
},
"properties": {},
"validations": [],
"relations": {
"user": {
"type": "belongsTo",
"model": "Customer",
"foreignKey": "ownerId"
}
},
"acls": [],
"methods": {}
}摘要:我如何创建一个新的"RequestToken“模型,扩展环回" AccessToken”模型,但继续使用内置的AccessToken模型进行身份验证等等?有可能吗?一旦我从请求-Token.json文件中取出行'"base": "AccessToken"',所有身份验证方法就会再次工作。
提前谢谢!
回答 1
Stack Overflow用户
发布于 2019-01-11 06:28:25
看来我找到了解决办法。在server.js中,我需要告诉应用程序使用AccessToken模型。
server.js
...
app.use(loopback.token({
model: app.models.accessToken,
}));
...我把它加在后面
const app = loopback();文档引用它来通过LB2文档中的cookie进行身份验证。https://loopback.io/doc/en/lb2/Making-authenticated-requests.html我在用Loopback3。在LB3文档中,它们不再以这种方式提及,因此,如果有另一种解决方案,则乐于更改已接受的答案。
干杯
https://stackoverflow.com/questions/54140988
复制相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号