我正在学习node.js并表达并正在研究Brad Dayleys的一些例子。我已经从本书中复制了下面的代码,该代码使用crypto和express-session实现了一些基本的会话认证:
var express = require('express');
var bodyParser = require('body-parser');
var cookieParser = require('cookie-parser');
var session = require('express-session');
var crypto = require('crypto');
//encrypt password function
function hashPW(pwd) {
var hash = crypto.createHash('sha256').update(pwd).digest('base64');
return hash.toString();
}
var app = express();
//this is the new way to call this module
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({
extended: true
}));
app.use(cookieParser('MAGICString'));
//new way to init session
app.use(session({secret: 'ssshhhhh', resave: false, saveUninitialized: false}));
//see if user is authorized to be here
app.get('/restricted', function(req, res) {
if (req.session.user) {
res.send ('<h2>' + req.session.success + '</h2>' +
'<p>You have entered the restricted section<p><br>' +
'<a href="/logout">logout</a>');
}
else {
req.session.error = 'Access denied';
res.redirect('/login');
}
});
app.get('/logout', function (req, res) {
req.session.destroy(function() {
res.redirect('/login');
});
});
app.get('/login', function(req, res) {
var response = '<form method="POST">' +
'Username: <input type="text" name="username"><br>' +
'Password: <input type="text" name="password"><br>' +
'<input type="submit" value="Submit"></form>';
if (req.session.user) {
res.redirect('/restricted');
} else if (req.session.error) {
response += '<h2>' + req.session.error + '</h2>';
}
res.type = ('html');
res.send(response);
});
//on form submit
app.post('/login', function (req, res) {
//user should be a lookup of req.body.username in database
var user = {name: req.body.username, password:hashPW("myPass")};
if (user.password === hashPW(req.body.password.toString())) {
req.session.regenerate(function() {
req.session.user = user;
req.session.success = 'Authenticated as ' + user.name;
res.redirect('/restricted');
});
} else {
req.session.regenerate(function() {
req.session.error = 'Authentication failed';
res.redirect('/restricted');
});
res.redirect('/login');
}
});
app.listen(8080);
当我跑步时,我得到错误:
TypeError: Property 'type' of object #<ServerResponse> is not a function
at ServerResponse.send (/home/terry/myProjects/serverLearn/node_modules/express/lib/response.js:129:14)
at app.post.user.name (/home/terry/myProjects/serverLearn/express_auth_session.js:63:9)
at Layer.handle [as handle_request] (/home/terry/myProjects/serverLearn/node_modules/express/lib/router/layer.js:82:5)
at next (/home/terry/myProjects/serverLearn/node_modules/express/lib/router/route.js:110:13)
at Route.dispatch (/home/terry/myProjects/serverLearn/node_modules/express/lib/router/route.js:91:3)
at Layer.handle [as handle_request] (/home/terry/myProjects/serverLearn/node_modules/express/lib/router/layer.js:82:5)
at /home/terry/myProjects/serverLearn/node_modules/express/lib/router/index.js:267:22
at Function.proto.process_params (/home/terry/myProjects/serverLearn/node_modules/express/lib/router/index.js:321:12)
at next (/home/terry/myProjects/serverLearn/node_modules/express/lib/router/index.js:261:10)
at Object.<anonymous> (/home/terry/myProjects/serverLearn/node_modules/express-session/index.js:421:7)
原谅我的无知,但我无法看清楚是什么问题。我甚至无法确定错误到底在哪里。任何帮助或指针将不胜感激!
答案 0 :(得分:1)
该行:
res.type = ('html');
错了。您正试图在Express不期待的响应对象上设置某些内容。
如果您想手动设置回复的content-type,可以将此行替换为:
res.header("Content-Type", "text/html");
或者另一种方式,为了完整性:
res.set('Content-Type', 'text/html');