快速会话被覆盖

时间:2015-03-20 22:11:11

标签: express passport.js passport-local express-session

我使用Passport身份验证进行Express,并添加了会话,如下所示。

app.use(cookieParser()); // read cookies (needed for auth)
app.use(bodyParser()); // get information from html forms

app.set('view engine', 'ejs'); // set up ejs for templating

// required for passport
// Trust Proxy as it is behind web server.
//app.set('trust proxy', 1);

app.use(session({
    secret: 'this is secret',
    resave: false,
    store: new MongoStore({ url: configDB.url }),
    saveUninitialized: true,
    cookie: { httpOnly: true, maxAge: 2419200000 }
})); // session secret

app.get("/*", function(req, res, next) {
    if (typeof req.cookies['connect.sid'] !== 'undefined') { console.log(req.cookies['connect.sid']); }
    next(); // call the next middleware
});

app.use(passport.initialize());
app.use(passport.session()); // persistent login sessions
app.use(flash()); // use connect-flash for flash messages stored in session

不确定是什么问题,在Passport登录中我将会话名称设置为req.session.name。如果用户A登录,则工作正常,但是当用户B登录时,它不会创建新的会话对象,但会覆盖用户B的用户A会话对象,包括护照详细信息。同样在浏览器中,cookie被重置为用户B,这应该是显而易见的。

0 个答案:

没有答案