我有一个具有多个文件的nodejs应用,我正在尝试制作登录页面(connection.html)。实际上,我已经可以检查登录名和密码,但是我们无需身份验证即可访问该应用程序(index.html和其他文件)。我不知道如何只允许经过身份验证的用户访问该应用程序。我认为套接字事件已经受到针对身份不明的人的保护,对吗? 我也必须处理多个独立客户。这是个好方法吗?
这是connection.html
<!DOCTYPE HTML>
<html>
<head>
<meta charset="utf-8" />
<title>Connection</title>
<meta charset="utf-8">
<script src="/socket.io/socket.io.js"></script>
<link rel="stylesheet" type="text/css" href="connection.css" />
</head>
<body>
<div id="p_identification">
<div id=connection>
</br></br>
<h1 id="dashboard">dashboard</h1>
</br></br>
<input type="text" name="identifiant" id="nom_client" placeholder="Nom" size="20" autofocus /></br></br>
<input type="password" name="password" id="password" placeholder="Mot de passe" size="20" /></br>
<a href="#" id="mdp_oublie">Mot de passe oublié</a></br></br>
<button id="bouton_connection" onclick="connection()">Connection</button></br></br>
</div>
<span id="connection_erreur"></span></br></br>
</div>
</body>
</html>
<script type="text/javascript">
var rand = function() {
return Math.random().toString(36).substr(2); // enlève le 0. du Math.random()`
};
var token = function() {
return rand() + rand() + rand() + rand(); // 4 fois pour avoir quelque chose de suffisement long
};
function connection()
{
if(document.getElementById('nom_client').value && document.getElementById('password').value)
{
password = document.getElementById('password').value;
nom_client = document.getElementById('nom_client').value;
var socket = io.connect('http://localhost:8080');
socket.on('connect', function(){
socket.emit('authenticate', {token: token(), password:password, nom_client:nom_client});
});
}
else
{
document.getElementById('connection_erreur').innerHTML = " Veuillez renseigner tous les champs";
}
}
</script>
那是服务器文件:
var http = require('http');
var server = http.createServer(function(request, response){
var pathname = url.parse(request.url).pathname;
response.writeHead(200);
var file;
//send back the requested file
switch(pathname)
{
case "/":
file = fs.readFileSync("connection/connection.html", "utf8");
break;
case "/js.js":
file = fs.readFileSync("js.js", "utf8");
break;
//a lot of other files here
//including index.html which is the main file of the app
}
response.write(file);
response.end();
});
var io = require('socket.io').listen(server);
io.on('connection', function(socket){
socket.auth = false;
socket.on('authenticate', function(data){
//access to database to check password and login
socket.auth = true;
});
setTimeout(function(){
//If the socket didn't authenticate, disconnect it
if (!socket.auth) {
console.log("Disconnecting socket ", socket.id);
socket.disconnect('unauthorized');
}
}, 1000);
});
/************************* Socket event *******************************/
io.sockets.on('connection', function (socket) {
//several socket.on event here
});
server.listen(8080);
我已经尝试仅使用连接文件来设置“ server = http.createServer(function(request,response))”,并使用登录名重新设置此功能,而无需执行新的server.listen和许多其他操作其他奇怪的事情 如您所料,它没有用。我不知道我是否可以使用我的脚本处理多个客户端 有人可以帮我吗?谢谢 纪尧姆