有一个严重的问题:用户的会话会出错,最终变成了错误的用户。
在app.js中进行以下设置。
var session = require('express-session');
var RedisStore = require('connect-redis')(session);
var redis = require('redis');
// Express application setup: body parsing, method override, cookie parsing and
// a Redis-backed session store. Middleware runs in the order registered here,
// so the statement order matters.
var app = express();
env.express(app);
// With 'trust proxy' enabled, Express takes the client address and protocol
// from the X-Forwarded-* headers. Enabled as a bare flag it trusts every hop,
// so those values are only reliable if the proxy in front overwrites what the
// client sent. NOTE(review): consider limiting trust to the known proxy hop(s).
app.enable('trust proxy');
app.set('views', __dirname + '/views');
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({extended: true}));
app.use(methodOverride());
app.use(cookieParser());
// Session middleware: the cookie name and signing secret come from the
// environment config; session data is kept in Redis.
// NOTE(review): no `cookie`, `resave` or `saveUninitialized` options are visible
// in this excerpt - confirm the cookie flags (httpOnly / secure / sameSite) that
// are actually in effect.
app.use(session({
secret : config.envConfig.session.secret,
name : config.envConfig.session.name,
store: new RedisStore({
host: config.envConfig.redis.host,
port: config.envConfig.redis.port,
// NOTE(review): createClient() is called without arguments while host/port are
// passed next to it; depending on the connect-redis version a supplied client
// may take precedence over host/port. Verify which Redis instance the sessions
// land in - every app instance behind the proxy must share the same store.
client: redis.createClient(),
// The config key is read as `sessionTimout`; if the config file spells it
// differently, ttl is undefined - TODO confirm.
ttl: config.envConfig.redis.sessionTimout
})
// NOTE(review): the excerpt ends here, before the session({ ... }) call is closed.
Node 应用程序前面有一个 nginx 反向代理。有什么想法吗?(也许与 app.enable('trust proxy') 有关)
下面是我为布局加载用户数据的代码。
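/**
 * Express handler: loads the page named by `req.params.pageId` for the user
 * stored in the current session and responds with `{ pages: ... }`.
 *
 * The subscription lookup is best-effort: the page is sent with status 200
 * whether or not that lookup succeeds. Any earlier failure is logged and
 * answered with status 500.
 *
 * @param {object} req - Express request; reads `params.pageId`,
 *   `session.server` and `session.user`.
 * @param {object} res - Express response.
 */
exports.loadPage = function (req, res) {
  var pageId = req.params.pageId;
  // req.session can be missing (for example while the session store is
  // unreachable), so do not dereference it blindly.
  var sess = req.session;
  var serverId = sess && sess.server;
  var user = sess && sess.user;
  var body = {
    "pages": ""
  };

  // The response depends on the session's user. Tell proxies and caches in
  // front of the app not to store it, so it cannot be replayed to another user.
  res.set("Cache-Control", "no-store");

  // Without an authenticated user there is no token to call the services with;
  // answer explicitly instead of failing on `user.Token`.
  if (!user) {
    res.send(401, "Not authenticated");
    return;
  }

  projectsService.getAsdf(serverId, user.Token)
    .then(function (aa) {
      return pagesService.loadPage(pageId, aa);
    })
    .then(function (pages) {
      body.pages = pages;
      // NOTE(review): this handler reads `user.Guid` while another handler on
      // this page reads `user.GUID` - confirm the property's casing.
      return subscriptionService.getSsss({
        server: serverId,
        system: user.Guid,
        id: user.userId,
        type: "user"
      })
        .then(function () {
          res.send(200, body);
        })
        .catch(function (err) {
          // Deliberate best-effort: still send the page, but leave a trace of
          // the failure instead of dropping it silently.
          log.error(err);
          res.send(200, body);
        });
    })
    .catch(function (err) {
      log.error(err);
      res.send(500, "Could not load the page");
    });
};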
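/**
 * Express handler: collects the initial data for the user stored in the
 * current session and sends it with status 200.
 *
 * Steps: load the user's data, load the server settings, fetch the groups and
 * all users from the server's API, save the groups (with an extra "all users"
 * group of id -1 placed first), then add `asdf`, `serverTime` and `instanceId`
 * to the result. On failure the error's `statusCode` (or 500) is sent.
 *
 * @param {object} req - Express request; reads `session.user` and
 *   `session.server`.
 * @param {object} res - Express response.
 */
exports.loadUserData = function (req, res) {
  // req.session can be missing (for example while the session store is
  // unreachable), so do not dereference it blindly.
  var sess = req.session;
  var user = sess && sess.user;

  // The response depends on the session's user. Tell proxies and caches in
  // front of the app not to store it, so it cannot be replayed to another user.
  res.set("Cache-Control", "no-store");

  // Answer explicitly when no user is logged in instead of failing on
  // `req.session.user.GUID`.
  if (!user) {
    res.send(401, "Not authenticated");
    return;
  }

  // NOTE(review): this handler reads `user.GUID` while another handler on this
  // page reads `user.Guid` - confirm the property's casing.
  var guid = user.GUID;
  var serverId = sess.server;

  userData.getUserData(user.userId, guid)
    .then(function (result) {
      var serverData;
      var groupsData;

      // Return the chain itself rather than wrapping it in a deferred:
      // rejections reach the outer catch unchanged and nothing is left pending.
      return serverService.getSettings(serverId)
        .then(function (server) {
          serverData = server;
          return someService.getGroups(server.apiUrl, user.Token);
        })
        .then(function (groups) {
          groupsData = JSON.parse(groups);
          return someService.getAllUsers(serverData.apiUrl, user.Token);
        })
        .then(function (allAgents) {
          var allAgentsGroup = { "id": -1, "users": JSON.parse(allAgents) };
          groupsData.unshift(allAgentsGroup);
          // NOTE(review): `systemGuid` is not declared in this handler; it must
          // come from an outer scope, or `guid` was intended - confirm.
          return groupsService.saveGroups(groupsData, systemGuid);
        })
        .then(function () {
          result.asdf = serverData.asdf;
          return result;
        });
    })
    .then(function (result) {
      result.serverTime = new Date();
      result.instanceId = new ObjectID();
      res.send(200, result);
    })
    .catch(function (err) {
      // A rejection may carry no error object; fall back to 500 in that case.
      res.send((err && err.statusCode) || 500, "Could not initialize the user data.");
    });
};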
//登录方法我们设置会话...
/**
 * Login handler: authenticates `req.body.user` through authService and, when
 * exactly one result comes back, stores that result's user, server and version
 * in the session. The results are sent to the client with status 200.
 *
 * NOTE(review): the excerpt ends before `loginError` is defined and before the
 * handler's closing brace.
 */
exports.login = function (req, res) {
// Client-supplied credentials. If the body carries no `user` object, the next
// line throws a TypeError.
var credentials = req.body.user;
// The super-user flag is derived from the submitted username's suffix (shown
// redacted as "****" on the page) before any authentication has happened.
// NOTE(review): presumably authService checks the privilege itself - confirm it
// does not rely on this request-derived flag.
credentials.isSuperUser = credentials.username.endsWith("****");
authService.authenticate(credentials)
.then(loginSuccess)
.catch(loginError)
.done();
function loginSuccess(authenticatedResults){
// A super user that matches several results can narrow them down by naming the
// server and version in the request.
if (credentials.isSuperUser && authenticatedResults.length > 1 && credentials.server && credentials.version){
authenticatedResults = authenticatedResults.filter(function (item) {
return item.server === credentials.server && item.version === credentials.version;
});
}
// The session is only populated when the match is unambiguous.
// NOTE(review): the user is written into the existing session without issuing
// a new session id; calling req.session.regenerate() before storing the user
// is the usual protection against session fixation.
if(authenticatedResults.length === 1){
req.session.user = authenticatedResults[0].user;
req.session.server = authenticatedResults[0].server;
req.session.version = authenticatedResults[0].version;
logger.userLoggedIn(req.session.user);
}
// The result list is returned with status 200 even when no session was set
// (zero or several matches).
// NOTE(review): other handlers on this page read `user.Token` from the session;
// if the result objects carry tokens, return only what the client needs.
res.send(200, authenticatedResults);
}
// Nginx看起来像这样
# Virtual host for domain.com on port 80. Requests are proxied to the backend
# named by $sticky_backend, which is defined outside this excerpt.
# NOTE(review): plain HTTP listener - the session cookie is only protected in
# transit if TLS is terminated by whatever sits in front of nginx; confirm.
server {
listen 80;
server_name domain.com;
# Pass WebSocket upgrade headers through to the backend.
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
# Appends the connecting address to any X-Forwarded-For the request already
# carries. The app enables 'trust proxy', so entries supplied by the client are
# only safe if an upstream hop strips or overwrites them - NOTE(review): confirm.
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# Try the next upstream on a connection error, timeout, invalid header or 500.
proxy_next_upstream error timeout invalid_header http_500;
proxy_connect_timeout 2;
proxy_set_header Host $host;
proxy_http_version 1.1;
# /user/...: resets the `version` cookie and redirects to the site root (the
# trailing "?" drops the query string).
location /user/ {
add_header Set-Cookie "version='';Path=/";
rewrite ^/user(.*)$ http://$server_name:80? redirect;
}
# Everything else goes to the selected backend. These responses carry per-user
# session cookies and data, so a cache in front of nginx must not store them.
location / {
proxy_pass http://$sticky_backend;
}
# /v1/... or /v2/...: stores the prefix in the `version` cookie and redirects to
# the same path without the prefix.
# NOTE(review): presumably $sticky_backend is derived from this cookie, which
# would let the client choose the backend - confirm the mapping is constrained.
location ~ ^/(?<cver>v[12])/ {
add_header Set-Cookie "version=$cver;Path=/";
rewrite ^/v[12]/(.*)$ /$1 redirect;
}
}
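更新:我的问题出在 IIS 上——它位于 Nginx 前面。在 IIS 上禁用缓存和内核缓存后问题解决。(推测原因:前端缓存把带有某个用户会话 Cookie 或用户数据的响应返回给了其他用户;这类按用户区分的响应应当带上 Cache-Control: no-store 之类的响应头,避免被共享缓存保存。)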