修改会话不保存

时间:2018-03-16 19:01:52

标签: node.js express

我使用nodejs 8.9.3并表达4.15.5。

我正在做的是尝试在登录时将用户信息保存到req。身份验证成功后,我重新指定用户变量。然后,一旦完成,当我访问ie '/dashboard'时,不存储用户信息。

我尝试过的内容

  • 使用不同的组合将saveUninialialized,resave和rolling的快捷会话项目更改为true / false。
  • 登录中间件
  • req.session.save()
  • 将登录回复从res.send(stuff)更改为res.redirect('/dashboard')
  • 尝试将用户存储在req.session.user而不是req.user

我试图让这个工作完全没有运气。

app.js

...
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: false }));
app.use(cookieParser());
app.use(session({
    secret: 'javascript',
    saveUninitialized: true,
    resave: false,
    rolling: false,
    cookie: {
        maxAge: 30 * 24 * 60 * 60 * 1000,  // 30 days
        secure: process.env.NODE_env === 'production', // currently false as NODE_env is development atm
    }
}));
...
// Load routes
require('./routes/auth.js')(app);

auth.js

let userPre = {
    dn: '',
    userPrincipalName: '',
    sAMAccountName: '',
    displayName: '',
    pwdLastSet: '',
    memberOf: [],
    isAuthenticated: false
};

module.exports = (app) => {
    let user = function(req, res, next) {
        req.user = userPre;
        next();
    };
    app.use(user);
    app.get('/', (req, res) => {
        res.render('login', {title: 'Login'});
    });

    app.post('/api/login', async(req, res) => {
        await ad.user(req.body.userName).authenticate(req.body.password)
            .then(async(authResponse) => {
                if (authResponse === true)  {
                    return await ad.user(req.body.userName).get();
                }
                else if (authResponse === false) {
                    res.send('failed');
                    return false;
                }
            })
            .then(userProfile => {
                if (!userProfile) {
                    return false;
                } else {
                    req.user = {
                        dn: userProfile.dn,
                        userPrincipalName: userProfile.userPrincipalName,
                        sAMAccountName: userProfile.sAMAccountName,
                        displayName: userProfile.displayName,
                        pwdLastSet: userProfile.pwdLastSet,
                        memberOf: [],
                        isAuthenticated: true
                    };
                    userProfile['groups'].forEach(group => req.user.memberOf.push(group.cn));
                    if (req.user.memberOf.filter(obj => obj === 'Cat')) {
                        // authentication is successful and now I want to redirect to dashboard with req.user still being set.
                        // Tried req.session.save() here as well.
                        console.log(req.user); // Data has been set
                        res.redirect('/dashboard');

                    } else {
                        res.send('success') // ignore
                    }
                }
            })
            .catch(err => console.log(err));
    });

...

    app.get('/dashboard', (req, res) => {
        console.log(req.user); // all variables are still ''.
        res.render('dashboard', {title: 'Dashboard'})
    });

...
};

1 个答案:

答案 0 :(得分:1)

您几乎要做的就是将用户存储在req.session.user而不是req.user上。

req.session.user = {
    dn: userProfile.dn,
    userPrincipalName: userProfile.userPrincipalName,
    sAMAccountName: userProfile.sAMAccountName,
    displayName: userProfile.displayName,
    pwdLastSet: userProfile.pwdLastSet,
    memberOf: [],
    isAuthenticated: true
};