使用 Nuxt.js 和 express-session 时无法设置 cookie

时间:2018-04-03 18:33:29

标签: express vuex express-session nuxt.js

我是 Nuxt 和 SSR 的新手,已经研究了好几个小时,仍然没有弄明白。我在 Nuxt 应用中使用 JWT(Bearer Token)对用户进行身份验证,一切正常,但只要一刷新页面,会话就丢失了。

现在我想用 express-session 和 connect-mongo 来持久化会话,但无法在客户端设置 cookie,因此后续请求也不会携带它。

用户通过身份验证后:

// Login handler: looks the user up by username, checks the password with
// user.comparePassword, and on success signs a JWT, writes authUser into the
// session and returns the token and the user to the client.
// NOTE(review): the snippet as posted stops before the callbacks and the route
// are closed, so whatever follows the else-branch is not visible here.
router.post('/login', function(req, res) {
  User.findOne({
    // NOTE(review): taken from the request body as-is. With a JSON body parser
    // this can be a non-string value; check
    // `typeof req.body.username === 'string'` before it reaches the query.
    username: req.body.username
  }, function(err, user) {
    // NOTE(review): a throw inside this asynchronous callback is not routed to
    // an Express error handler and typically ends the process; answering with
    // a 5xx response keeps a database error from taking the server down.
    if (err) throw err;

    if (!user) {
      // NOTE(review): this message differs from the wrong-password one below,
      // which tells a caller whether a username exists; a single generic 401
      // message for both cases avoids that.
      res.status(401).send({success: false, msg: 'Authentication failed. User not found.'});
    } else {
      // check if password matches
      user.comparePassword(req.body.password, function (err, isMatch) {
        if (isMatch && !err) {
          // if user is found and password is right create a token
          // The whole serialized user document becomes the token payload. A JWT
          // payload is signed, not encrypted.
          // NOTE(review): if the document carries the password hash or other
          // private fields, sign only an id/username instead — confirm the schema.
          // With jsonwebtoken a numeric expiresIn is in seconds: 604800 s = 7 days.
          var token = jwt.sign(user.toJSON(), config.secret, { expiresIn: 604800 });
          // Writing to req.session modifies the session for this request.
          // NOTE(review): the session id is kept across login; calling
          // req.session.regenerate() before this assignment would give the
          // authenticated session a fresh id (session-fixation hardening).
          req.session.authUser = { 'user': 'Test User' }
          // NOTE(review): the full user document is also returned in the
          // response body — same exposure concern as the token payload.
          return res.json({success: true, token: token, user: user});
        } else {
          res.status(401).send({success: false, msg: 'Authentication failed. Wrong password.'});
        }
      });
    }

上面的console.log显示了会话中的authUser。

Session {
  cookie: 
   { path: '/',
     _expires: 2018-04-03T18:13:53.209Z,
     originalMaxAge: 60000,
     httpOnly: true },
  authUser: { user: 'Test User' } }

在 Chrome DevTools 的 Application → Cookies 中查看时,connect.sid 并没有被设置;在后续请求中执行 console.log(req.session) 时,authUser 也不存在。

我的服务器代码是:

// Passport 
var passport = require('passport');
var passportJWT = require("passport-jwt");
var ExtractJwt = passportJWT.ExtractJwt;
var JwtStrategy = passportJWT.Strategy;

// Config File
let config = require('./config/settings.js')

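// Initialize Express
var app = express();

// CORS: one policy, declared once.
// The original set Access-Control-Allow-Origin / -Allow-Credentials by hand and
// then mounted cors() with no options. cors() defaults to a wildcard origin and
// writes its own Access-Control-Allow-Origin header, so responses ended up with
// "*" next to "Allow-Credentials: true". Browsers refuse credentialed
// cross-origin requests (and the cookies they would set) in that combination.
// Naming the single trusted front-end origin and enabling credentials in the
// same cors() call keeps the two headers consistent and stops advertising the
// API to every origin.
app.use(cors({
  origin: 'http://127.0.0.1:1337',
  credentials: true
}));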

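// MongoDB connection string. It embeds a user name and password, so it is read
// from the environment first; the literal is kept only as a local-development
// fallback and should not be the value used in a deployed instance.
// (MONGODB_URI and SESSION_SECRET are illustrative variable names.)
const dbPath = process.env.MONGODB_URI || 'mongodb://blogUser:blogUserPassword@localhost:27017/blog'

// Express Session
app.use(session({
  // Key used to sign the session-id cookie. Use a long random value supplied
  // by the environment; the literal below is a development placeholder only.
  secret: process.env.SESSION_SECRET || 'super-secret-key',
  resave: false,
  // No session is stored and no cookie is issued until a handler writes to
  // req.session.
  saveUninitialized: false,
  // Sessions are persisted in MongoDB through connect-mongo.
  store: new MongoStore({ url: dbPath }),
  // maxAge is in milliseconds: the cookie, and with it the session, expires
  // after 60 seconds. NOTE(review): confirm that lifetime is intended, and add
  // `secure: true` (plus a sameSite policy) once the site is served over HTTPS.
  cookie: { maxAge: 60000 }
}))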

// File Upload
// NOTE(review): mounted with no options, so no upload size limit is configured
// here; if this is express-fileupload, pass a `limits` option to cap request
// size — confirm against the package in use.
app.use(fileUpload());

// view engine setup
// app.set('views', path.join(__dirname, 'views'));
// app.set('view engine', 'jade');

// uncomment after placing your favicon in /public
//app.use(favicon(path.join(__dirname, 'public', 'favicon.ico')));
// Request logging in the 'dev' format.
app.use(logger('dev'));
// Body parsers: JSON bodies and URL-encoded form bodies populate req.body.
// With JSON, individual fields may be objects or arrays rather than strings,
// so handlers should validate types before using them in queries.
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: false }));
// Parses the Cookie header into req.cookies; no signing secret is passed here.
// NOTE(review): this runs after the session middleware registered earlier;
// recent express-session versions read the cookie themselves — confirm for
// the version installed.
app.use(cookieParser());

// Serve files from ./public as static assets.
app.use(express.static(path.join(__dirname, 'public')));

// Routes
// The two routers are mounted under /api and /users.
var index = require('./routes/index');
var users = require('./routes/users');
app.use('/api', index);
app.use('/users', users);

// Passport Config
// NOTE(review): these are registered after the routers above, so they only run
// for requests the routers did not answer. If any route relies on Passport
// (req.user, passport.authenticate with sessions), register them before the
// routes. passport.session() also expects serializeUser/deserializeUser to be
// configured; neither is shown in this snippet.
app.use(passport.initialize());
app.use(passport.session())

// Mongoose connection settings
const options = {
  // Left enabled, so Mongoose keeps building the indexes declared on schemas.
  autoIndex: true,
  // Keep retrying a lost connection without an upper bound on attempts...
  reconnectTries: Number.MAX_VALUE,
  // ...waiting 500 ms between attempts.
  reconnectInterval: 500,
  // Upper bound on pooled socket connections.
  poolSize: 10,
  // While disconnected, fail operations at once instead of buffering them
  // until the connection comes back.
  bufferMaxEntries: 0
};

// Print the effective settings at startup.
console.log(options);

// Connect to the local MongoDB instance and report the outcome on the console:
// a fixed message on success, the error object on failure.
mongoose.connect(dbPath, options).then(
  function () {
    console.log("connected !!!");
  },
  function (err) {
    console.log(err);
  }
);

非常感谢任何帮助。

2 个答案:

答案 0 :(得分:0)

如果使用服务器端,会话创建的问题出在 Express 路由器上,因为 req 和 res 变量被改变了;请按照 Nuxt 推荐的方式使用下面的代码。

const express = require('express');

// Router that will carry the API routes
const router = express.Router();

// A bare Express application, used below only as the source of the Express
// request and response prototypes.
const app = express();

// Give the incoming req/res pair the same API as Express: re-parent each
// object onto the matching Express prototype, cross-link the two, then pass
// control to the next handler.
router.use(function adoptExpressApi(req, res, next) {
  Object.setPrototypeOf(req, app.request);
  Object.setPrototypeOf(res, app.response);
  req.res = res;
  res.req = req;
  next();
});

答案 1 :(得分:0)

您缺少此步骤

// Dedicated router for the API routes
const router = express.Router();

// Make req and res behave like Express objects so that helpers such as
// res.status() and res.json() are available in the route handlers.
// `app` is the Express application whose request/response prototypes are
// borrowed; it is not defined in this snippet.
function useExpressPrototypes(req, res, next) {
  Object.setPrototypeOf(req, app.request);
  Object.setPrototypeOf(res, app.response);
  // Cross-link the pair, as Express itself does.
  req.res = res;
  res.req = req;
  next();
}

router.use(useExpressPrototypes);

req,res参数需要在客户端互换

写好 router.post('/login') 和注销路由之后:

// Mount the router so that every route defined on it is served under /api.
app.use('/api', router)

这样就可以正常工作了。