node + express js中多个并发用户的会话管理

时间:2017-09-03 13:22:17

标签: javascript node.js express passport.js riotjs

我使用移动设备以管理员身份登录,并在登录成功后在响应标头中设置了cookie。与此同时,当我从另一台设备(笔记本电脑)访问该路由时,这台设备也获得了全部管理员访问权限。

如何为多个用户维护会话?

另一个问题是:我试图在全局对象中维护视图状态(根据用户是否已登录来显示登录/注销按钮),但该状态会因服务器端渲染而丢失。

我的意思是所有的JavaScript变量数据(在我的情况下都是DataMixin对象)都会丢失。

如何开发同构riotjs应用程序?请参阅reactJs中修复的类似问题:https://github.com/reactjs/react-chartjs/issues/57

状态:

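document.addEventListener('DOMContentLoaded', function () {
    /**
     * Global view-state helper shared by the tags on the page.
     *
     * SECURITY: everything stored here lives in localStorage, which the visitor can read and
     * edit from the browser console. The stored role is therefore a display hint only (which
     * buttons to show); it must never be what decides whether an admin action is allowed.
     * That decision has to be made on the server for each request.
     */
    window.DataMixin = { // Explicit global: the tag templates refer to DataMixin by name.

        /**
         * Persist the role and login status for later page loads.
         *
         * @param {Array} auth - Pair of [role, loginStatus]; ignored when null or undefined.
         */
        setAuthentication: function (auth) {
            if (auth != null) {
                localStorage.setItem('role', auth[0]);
                localStorage.setItem('loginStatus', auth[1]);
            }
        },

        /**
         * @returns {?string} The stored role, or null when none has been stored.
         */
        getRole: function () {
            return localStorage.getItem('role');
        }
    };
});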

查看:

<!-- Display-only checks: DataMixin.getRole() reads localStorage, which the visitor can edit, so
     these conditions only hide or show links. They do not restrict access; the server has to
     authorize every admin request itself.
     NOTE(review): ROLE_USER is a bare identifier on the first line while 'ROLE_ADMIN' below is a
     string literal; confirm a ROLE_USER variable is in scope for this tag, otherwise quote it. -->
<a href="#" if="{DataMixin.getRole() == ROLE_USER}">ADMIN LOGIN</a>
<li if="{DataMixin.getRole() == 'ROLE_ADMIN'}">
    <a onclick="{logout}">LOGOUT</a>
</li>

使用node + express从服务器端加载页面:

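/**
 * Fetch one blog post from the data API and answer the request with the server-rendered page.
 *
 * @param {string} url - API endpoint to GET.
 * @param {Object} params - Query-string parameters for the API call.
 * @param {Object} req - Express request.
 * @param {Object} res - Express response.
 */
function urlDataApiResponse(url, params, req, res) {
    // NOTE(review): assigned without a declaration, so `swig` becomes a process-wide global.
    // Left as-is in case other modules read it; declare it locally once that is ruled out.
    swig = require('swig');
    var header_tag = require('./public_html/tags/header_tag.tag');
    var blog_post_details_tag = require('./public_html/tags/blog_post_details.tag');
    var footer_tag = require('./public_html/tags/footer_tag.tag');
    var blog_sidebar_tag = require('./public_html/tags/blog_sidebar.tag');
    var slide_menu_tag = require('./public_html/tags/slide_menu.tag');

    // NOTE(review): the view engine is reconfigured on every request; this belongs at app startup.
    app.engine('html', swig.renderFile);
    app.set('view engine', 'html');
    app.set('views',__dirname + '/public_html/tags/');

    console.log('url inside getApiResponse ', url);
    var options = {
        method: 'GET',
        uri: url,
        qs: params,
        headers: {
            'User-Agent': 'Request-Promise'
        },
        json: true // Automatically parses the JSON string in the response
    };

    rp(options)
    .then(function (response) {
        // NOTE(review): this runs for every visitor who loads a post, signed in or not, so each
        // of them receives an access_token cookie. Issue the token only after authentication
        // if the cookie is meant to prove a login.
        createJWT(req,res);

        // An empty or malformed API answer is a missing post, not a server crash.
        var first = response && response[0];
        if (!first || !first.attributes) {
            return res.status(404).send('Post not found');
        }
        var postDetails = first.attributes;

        console.log('.............................................................');
        console.log('.............SERVER-SIDE-RENDERING:START.....................');
        console.log('.............................................................');

        // SECURITY: `storage` is read with fixed keys that do not depend on `req`, so the role
        // and login status rendered below are the same for every visitor: once one user has
        // stored an admin role, every other browser is rendered as admin too. Per-user state
        // has to come from the request (for example the session user that passport restores);
        // the exact field is not visible here, so the reads are kept and flagged.
        var role = storage.getItemSync('role');
        var loginStatus = storage.getItemSync('loginStatus');

        var header_tag_rendered = riot.render(header_tag, {role: role, loginStatus: loginStatus});
        var slide_menu_tag_rendered = riot.render(slide_menu_tag, {role: role, loginStatus: loginStatus});
        var blog_tag_rendered = riot.render(blog_post_details_tag, {details: postDetails, role: role});
        var blog_sidebar_tag_rendered = riot.render(blog_sidebar_tag);
        var footer_tag_rendered = riot.render(footer_tag);

        // Tolerate a post without body text instead of throwing on substring().
        var detailsText = postDetails.details == null ? '' : String(postDetails.details);
        var meta_details = {
            postImageUrl: postDetails.userImage,
            title: postDetails.title + " - Rootscopeit.in",
            description: detailsText.substring(0,200)+"...",
            details: postDetails.details,
            url: postDetails.url
        };

        res.render('blog_post_details', {
            open_graph: meta_details,
            header_details: header_tag_rendered,
            slide_details: slide_menu_tag_rendered,
            article_details: blog_tag_rendered,
            sidebar_details: blog_sidebar_tag_rendered,
            footer_details: footer_tag_rendered});

        console.log('............................................................');
        console.log('............SERVER-SIDE-RENDERING:END.......................');
        console.log('............................................................');
    })
    .catch(function (err) {
        console.log('=================================');
        console.error('POST error ', err && err.stack);
        console.log('=================================');
        // Nothing more can be sent once a response has started.
        if (res.headersSent) {
            return;
        }
        // Reply with an explicit error status and a generic body. The error object from the
        // HTTP client or the renderer can carry upstream URLs, headers and stack details,
        // which stay in the server log above rather than going to the browser.
        return res.status(500).send('Internal Server Error');
    });
}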

在 passport.js 中设置 cookie:

//==============
//TOKEN CREATION
//==============
/**
 * Mint a signed JWT that expires in one hour and attach it to the response as the
 * `access_token` cookie.
 *
 * The claims are two fixed strings; nothing from `req` (user id, role) goes into the token,
 * so every token issued here carries the same identity claims and cannot, on its own, tell
 * an admin from any other visitor.
 *
 * NOTE(review): the cookie is set with an empty options object, so httpOnly and secure fall
 * back to whatever the Cookies library defaults to. Confirm those defaults, and set both
 * explicitly for production.
 *
 * @param {Object} req - Incoming request, handed to the Cookies helper.
 * @param {Object} res - Response that receives the Set-Cookie header.
 */
function createJWT(req, res){
    var ONE_HOUR_MS = 60 * 60 * 1000;

    var signedJwt = nJwt.create({
        sub: 'Social Authentication',
        iss: 'https://rootscopeit.in'
    }, secretKey);
    signedJwt.setExpiration(Date.now() + ONE_HOUR_MS);

    var compactToken = signedJwt.compact();
    new Cookies(req, res).set('access_token', compactToken, {});
}

//=======================================
//===Google Authentication
//=======================================    
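var passport = require('passport');
var GoogleStrategy = require('passport-google-oauth20').Strategy;

// passport.session() restores req.user from the session that belongs to the requesting browser,
// which is what keeps concurrent users apart. Per-user data such as the role should be read
// from req.user rather than from any process-wide store.
// NOTE(review): this needs a session middleware (e.g. express-session) registered on `app`
// before these two lines; none is visible here. Confirm it exists.
app.use(passport.initialize());
app.use(passport.session());

// The whole user object is written into the session.
passport.serializeUser(function (user, done) {
    done(null, user);
});

// `obj` is exactly what serializeUser stored, so it is handed back unchanged. Looking up
// USERS[id] here cannot work because no `id` is in scope in this callback. If a USERS lookup
// is wanted, serialize only the user's id above and resolve that id here.
passport.deserializeUser(function (obj, done) {
    done(null, obj);
});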

// OAuth scopes requested from Google when sign-in starts.
// NOTE(review): the blogger scope grants more than identity; confirm each scope is needed so the
// app asks for the least access it can work with.
var googleScopes = [
    'profile',
    'https://www.googleapis.com/auth/plus.login',
    'https://www.googleapis.com/auth/plus.profile.emails.read',
    'https://www.googleapis.com/auth/blogger'
];

// Step 1: send the browser to Google's consent screen.
app.get('/auth/google', passport.authenticate('google', {scope: googleScopes}));

// Step 2: Google redirects back here; passport completes the exchange before the handler runs.
app.get(
    '/auth/google/callback',
    passport.authenticate('google', {failureRedirect: '/', failureFlash: true}),
    function onGoogleAuthenticated(req, res) {
        console.log('success authentication');
        createJWT(req, res);
        // NOTE(review): the whole req.user object is passed to the popup opener; confirm it
        // holds no access or refresh tokens before it reaches the browser.
        res.send(popupTools.popupResponse(req.user));
    }
);

0 个答案:

没有答案