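Trying single sign-on (CAS) with Express

I have recently been planning a Node.js server-side project based on Express, and the first problem to solve is user login. Since the project is meant for the company intranet, the question became how to hook it into the company's internal CAS system.

The company's CAS system already provides CAS clients for Java, PHP and Python, but there is no Node version. After some searching on npmjs.com I found a Node.js CAS client: cas-authentication.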

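It can be installed with the command below. Install it locally in the project rather than globally with -g, because require() does not resolve globally installed packages by default; express-session is installed too, since the code below requires it.

npm i cas-authentication express-session

Then bring it into the Express project by adding the following code to app.js, as described in the package's documentation: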

...

var CASAuthentication = require('cas-authentication');
var session = require('express-session');

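var cas = new CASAuthentication({
    // Base URL of the CAS server; the library appends /login to it itself.
    cas_url     : 'https://casserver.herokuapp.com/cas',
    service_url : 'http://localhost:3000',
    // cas_version : '1.0' // set this to the protocol version of your CAS server
});

app.use( session({
    // Demo value only: load the real secret from the environment, not from source.
    secret            : 'super secret key',
    resave            : false,
    saveUninitialized : true
}));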

// Unauthenticated clients will be redirected to the CAS login and then back to
// this route once authenticated.
app.get( '/app', cas.bounce, function ( req, res ) {
    res.send( 'Hello!' );
});
 
// Unauthenticated clients will receive a 401 Unauthorized response instead of
// the JSON data.
app.get( '/api', cas.block, function ( req, res ) {
    res.json( { success: true } );
});
 
// An example of accessing the CAS user session variable. This could be used to
// retrieve your own local user records based on authenticated CAS username.
app.get( '/api/user', cas.block, function ( req, res ) {
    res.json( { cas_user: req.session[ cas.session_name ] } );
});
 
// Unauthenticated clients will be redirected to the CAS login and then to the
// provided "redirectTo" query parameter once authenticated.
app.get( '/authenticate', cas.bounce_redirect );
 
// This route will de-authenticate the client with the Express server and then
// redirect the client to the CAS logout page.
app.get( '/logout', cas.logout );
...

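After being redirected to https://casserver.herokuapp.com/cas/login, the default username and password for logging in are casuser:Mellon. Also note that the client's version must match the server's: for example, if your CAS server speaks version 1.0, then cas_version on the client must be set to 1.0, otherwise you get an unauthenticated error.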
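
Why a version mismatch ends in "unauthenticated", as an added example that is not code from the original post or from cas-authentication: CAS 1.0 validates tickets at /validate and answers in plain text, while CAS 2.0/3.0 use /serviceValidate and /p3/serviceValidate and answer in XML, so a client parsing for the wrong version never finds a user. The response bodies are constructed samples and the function names are hypothetical.

```javascript
// Added example; response bodies are constructed samples, not captured traffic.
// Validation endpoint per protocol version (paths relative to the CAS base URL).
const VALIDATE_PATH = new Map([
  ['1.0', '/validate'], ['2.0', '/serviceValidate'], ['3.0', '/p3/serviceValidate'],
]);

const V1_OK = 'yes\ncasuser\n';
const V1_FAIL = 'no\n';
const V2_OK = `<cas:serviceResponse xmlns:cas="http://www.yale.edu/tp/cas">
  <cas:authenticationSuccess>
    <cas:user>casuser</cas:user>
  </cas:authenticationSuccess>
</cas:serviceResponse>`;
const V2_FAIL = `<cas:serviceResponse xmlns:cas="http://www.yale.edu/tp/cas">
  <cas:authenticationFailure code="INVALID_TICKET">Ticket not recognized</cas:authenticationFailure>
</cas:serviceResponse>`;

// CAS 1.0: plain text, "yes\n<user>\n" on success or "no\n" on failure.
function parseV1(body) {
  const [verdict, user] = body.split('\n');
  if (verdict === 'yes' && user && /^[^\s<>]+$/.test(user)) return { ok: true, user };
  return { ok: false, reason: verdict === 'no' ? 'rejected by server' : 'not a CAS 1.0 response' };
}

// CAS 2.0/3.0: XML. Regex extraction keeps this example dependency-free (a
// simplification); real code should use an XML parser.
function parseV2(body) {
  const failure = /<cas:authenticationFailure\s+code="([^"]+)"/.exec(body);
  if (failure) return { ok: false, reason: failure[1] };
  const success = /<cas:authenticationSuccess>\s*<cas:user>([^<]+)<\/cas:user>/.exec(body);
  if (success) return { ok: true, user: success[1].trim() };
  return { ok: false, reason: 'not a CAS 2.0/3.0 response' };
}

// Fail closed: a body the configured version's parser does not recognise
// is treated as unauthenticated, never as a login.
function validate(casVersion, body) {
  if (!VALIDATE_PATH.has(casVersion)) return { ok: false, reason: 'unsupported cas_version' };
  return casVersion === '1.0' ? parseV1(body) : parseV2(body);
}

console.log('1.0 client, 1.0 body:', validate('1.0', V1_OK));
console.log('3.0 client, 1.0 body:', validate('3.0', V1_OK));
console.log('1.0 client, 2.0 body:', validate('1.0', V2_OK));
```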
