我需要通过查看redis数据库中的会话并检查是否存在值来进行身份验证,这需要异步调用,当我在异步函数中传递返回类型时,我得到未定义的返回。
req.isAuthenticated = function() {
var cookies;
if(this.headers.cookie) {
var secrets = require('./config/secrets');
cookies = cookie.parse(this.headers.cookie);
}
// TODO: Maybe figure out how to use this once
var redisSessionClient = redis.createClient({host:'redis://127.0.0.1/0'});
// if PHP generated a cookie
if(cookies['PHPSESSID']) {
// get the client PHP cookie id
var sid = cookieParser.signedCookie(cookies['PHPSESSID'], secrets.sessionSecret);
// get session information inside redis database
redisSessionClient.get('my_session:'+sid, function(err, session, callback) {
if(err)
console.log("error : "+err);
return err;
var serializedSession = PHPUnserialize.unserializeSession(session);
if(serializedSession._sf2_attributes._security_main) {
console.log('should return true');
return true; // I want to return here!
} else {
console.log('should return false');
return false; // I want to return here!
}
});
console.log('redisSessionClient is async cant return inside that block');
// THIS IS BAD, BUT A TEMP HACK, NEED TO CHECK REDIS FIRST BUT ITS ASYNC
// THIS MEANS AS LONG AS THERE IS A COOKIE WITH THE NAME PHPSESSID THE USER
// CAN ACCESS LOGGED IN STUFF, THE CONDITION ABOVE READS THE SESSION FROM
// THE REDIS SESSION STORE AND MAKE SURE THE COOKIE HAS A PARTICULAR VALUE
return false;
} else {
console.log('should return false')
return false;
}
};
更新:
req.isAuthenticated = function() {
var cookies, self = this;
if(this.headers.cookie) {
var secrets = require('./config/secrets');
cookies = cookie.parse(this.headers.cookie);
}
// TODO: Maybe figure out how to use this once
var redisSessionClient = redis.createClient({host:'redis://127.0.0.1/0'});
// if PHP generated a cookie
if(cookies['PHPSESSID']) {
// get the client PHP cookie id
var sid = cookieParser.signedCookie(cookies['PHPSESSID'], secrets.sessionSecret);
// get session information inside redis database
function doCall(callback) {
redisSessionClient.get('my_Sess:'+sid, function(err, session) {
if(err) {
console.log("error : "+err);
return;
}
var serializedSession = PHPUnserialize.unserializeSession(session);
if(serializedSession._sf2_attributes._security_main) {
console.log('should return true');
return callback(true);
} else {
console.log('should return false');
return callback(false);
}
});
}
doCall(function(response){
return response;
});
} else {
console.log('should return false')
return false;
}
};
以下是完整的解决方案https://jsfiddle.net/Lytsp8e2/1/
答案 0 :(得分:3)
req.isAuthenticated = function(cb) {
// ..........
if(serializedSession._sf2_attributes._security_main) {
console.log('should return true');
cb(true); // I want to return here!
} else {
console.log('should return false');
cb(false); // I want to return here!
}
另外
if(err)
console.log("error : "+err);
return err;
应该是
if(err) {
console.log("error : "+err);
return err;
}
以下是保留大部分编码的完整解决方案https://jsfiddle.net/Lytsp8e2/2/。