我使用护照进行授权,我使用'connect-mongo-session'模块在mongodb中保存会话。我注意到,在我尝试登录req.user对象的某个时间之后变为未定义,尽管会话对象存在于数据库中,并且护照和会话详细信息存在于req对象中。这是我的会话设置:
let store;
if(env === "development")
store = new MongoDBStore({ //Allows session to be stored and retreived even when server restarts.
uri: config.db,
collection: 'mySessions'
})
else {
store = new MongoDBStore({ //Allows session to be stored and retreived even when server restarts.
uri: config.db,
collection: 'Cosmos'
})
}
app.use(session({
store: store,
saveUninitialized: true,
resave: true,
secret: config.app.sessionSecret
}));
app.use(passport.initialize());
app.use(passport.session());
以下是负责序列化的代码:
passport.serializeUser((user, done) => {
done(null, user.id);
});
// Use Passport's 'deserializeUser' method to load the user document
passport.deserializeUser((id, done) => {
User.findOne({
_id: id
}, '-password -salt', (err, user) => {
done(err, user);
});
});
答案 0 :(得分:0)
我能够通过将saveUninitialized更改为false并重新保存为false来解决问题,所以它现在看起来像这样:
app.use(session({
store: store,
saveUninitialized: false,
maxAge: 1000 * 60 * 60 * 84, // I added this just in case
resave: false,
secret: config.app.sessionSecret
}));