有人可以向我解释中间件需要秘密字符串的位置吗? 此外,如果我在passport.session选项中设置了密钥/值对,我仍然会收到相同的错误消息
这是代码
// using pug since a view engine is required by express
app.set('views', __dirname)
app.set('view engine', 'pug')
app.use(cookieParser(secretConfig))
// parse application/json
app.use(bodyParser.json())
// parse application/x-www-form-urlencoded
app.use(bodyParser.urlencoded({ extended: false }))
app.use(passport.initialize());
app.use(passport.session({
resave: false,
saveUninitialized: true,
failureFlash: true
}));
//app.use(flash());
// Load the REST endpoints
app.use('/api', require('./endpoints/whatever/router'))
app.use('/api', require('./endpoints/login/router'))
// app.use('/api', require('./users/router'))
// Repeat the above line for additional model areas ("deals", "vehicles", etc)
app.use('/graphql', graphqlHTTP({
schema: schema,
rootValue: root,
graphiql: true
}));
答案 0 :(得分:5)
这对我不合适:
app.use(passport.session({
resave: false,
saveUninitialized: true,
failureFlash: true
}));
我相信你需要这样的东西:
var session = require('express-session');
app.use(session({
resave: false,
saveUninitialized: true,
secret: 'secret here'
});
app.use(passport.initialize());
app.use(passport.session());
即使您在标题中提到“Express-Session”,您发布的代码示例实际上并未使用它。它与passport.session不一样。
除非您将其用于其他内容,否则您也可以删除cookie-parser,因为最新版本的express-session不需要它。