Express:根据路径不同的会话

时间:2018-06-01 19:01:41

标签: passport.js passport-local express-session

我快速实现了 /account 和 /admin 各自独立的会话设置。我使用 passport-local 进行身份验证，使用 connect-session-sequelize 作为会话存储。

但是，当我在 /admin 路径上登录时，生成的 set-cookie 却指定了 /account 路径。

我已经研究了一段时间，但还是没弄明白。

set-cookie 是在 express-session 的 session 函数内通过 onHeaders 事件设置的。被调用的是 /admin 的会话对象，这一点是对的。但是 req.session.cookie.data 却包含了 /account 的引用。

一些代码:

会话存储

// Session store class: express-session's base Store, extended by the
// connect-session-sequelize factory so sessions persist in the database.
const SequelizeStore = sequelizeSession(session.Store);

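/**
 * Mount one express-session middleware per path prefix, all backed by a
 * single Sequelize store.
 *
 * Each prefix gets its own cookie name (`admin.sid`, `account.sid`) and a
 * cookie scoped to that prefix, so the browser only sends it on requests
 * under that path.
 *
 * NOTE(review): express-session rebuilds `req.session.cookie` from the stored
 * session record on load, so a record first written under one prefix keeps
 * that prefix's cookie path if the other middleware ever loads the same sid —
 * worth checking when a /admin request shows an /account cookie path.
 *
 * @param {object} app - Express application to mount on.
 * @param {string[]} pathArray - Mount prefixes such as ['/admin', '/account'];
 *   each must start with '/' because the cookie name is `path.slice(1)`.
 */
const sequelizeSessionMiddleWare = (app, pathArray) => {
  const store = new SequelizeStore({
    db: sequelize,
    checkExpirationInterval: 15 * 60 * 1000, // prune expired rows every 15 minutes
    expiration: 24 * 90 * 60 * 60 * 1000 // 90 days, in milliseconds
  });
  // Effectively ['/admin', '/account']
  pathArray.forEach(path => {
    app.use(
      path,
      session({
        name: `${path.slice(1)}.sid`,
        secret,
        store,
        saveUninitialized: false,
        resave: false,
        // Honour X-Forwarded-Proto so `secure` cookies still work behind a
        // TLS-terminating proxy.
        proxy: true,
        cookie: {
          path,
          // maxAge belongs on the cookie options; at the top level of the
          // session() options express-session silently ignores it.
          // null = browser-session cookie (no Expires attribute).
          maxAge: null,
          secure: secureCookie,
          httpOnly: true
          // NOTE(review): no sameSite attribute is set; express-session accepts
          // cookie.sameSite if the login forms should be shielded from
          // cross-site POSTs.
        }
      })
    );
  });
};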

Passport

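/**
 * Split the value produced by serializeUser (`${user.type}_${user.id}`) back
 * into its parts. Only the first '_' separates type from id, so user ids that
 * themselves contain underscores survive the round trip (a plain split('_')
 * would truncate them).
 *
 * @param {unknown} serialized - Value stored in the session by serializeUser.
 * @returns {{ type: string, id: string } | null} Parts, or null when the value
 *   is not a string with a non-empty type prefix.
 */
const parseSerializedUserId = (serialized) => {
  if (typeof serialized !== 'string') return null;
  const sep = serialized.indexOf('_');
  if (sep <= 0) return null;
  return { type: serialized.slice(0, sep), id: serialized.slice(sep + 1) };
};

/**
 * Wire cookie parsing, the per-path sessions and passport onto the app.
 *
 * @param {object} app - Express application.
 * @param {Function} sessionManager - Mounts the session middleware; called
 *   with the app and the list of path prefixes.
 */
const sessionSecurity = (app, sessionManager) => {
  app.set('trust proxy', 1);
  app.use(cookieParser(secret));
  sessionManager(app, ['/admin', '/account']);

  app.use(passport.initialize());
  app.use(passport.session());

  // The session stores only "<type>_<id>", never the user record itself.
  passport.serializeUser((user, done) => {
    done(null, `${user.type}_${user.id}`);
  });
  passport.deserializeUser((serialized, done) => {
    const parts = parseSerializedUserId(serialized);
    if (parts === null) {
      // Malformed session payload: treat as logged out instead of handing an
      // undefined id to a loader.
      return done(null, false);
    }
    switch (parts.type) {
      case 'Admin':
        return deserializeAdmin(parts.id, done);
      default:
        // NOTE(review): every non-'Admin' type, including unknown ones, is
        // resolved through the account loader; confirm that is intended.
        return deserializeAccount(parts.id, done);
    }
  });

  adminPassport(app, authenticationMiddleware);
  accountPassport(app, authenticationMiddleware);
};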

adminPassport（accountPassport 与之完全相同，只是使用 /account 作为路径、['account'] 作为键）

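/**
 * Register the 'admin' local strategy and the /admin login, password and
 * logout routes; accountPassport mirrors this for /account.
 *
 * @param {object} app - Express application.
 * @param {Function} authenticationMiddleware - Guard applied to /admin/rest/*.
 */
const adminPassport = (app, authenticationMiddleware) => {
  // named strategy as opposed to path
  passport.use('admin', new LocalStrategy({ passReqToCallback: true }, localPassport));

  app.get('/admin*', helmet.noCache());
  app.get('/admin/login', reactApplication);
  app.post('/admin/login', (req, res, next) => {
    // reference named strategy
    passport.authenticate(['admin'], (authErr, user) => {
      if (authErr) return next(authErr);
      if (!user) {
        return res.sendStatus(401);
      }
      req.login(user, loginErr => {
        if (loginErr) {
          return res.status(401).json({
            errors: [{ field: 'username', message: 'Username or password is incorrect' }]
          });
        }
        req.session.save(err => {
          // `return` so a failed save does not also answer 200 (double response).
          if (err) return next(err);
          // NOTE(review): the whole user object is echoed back; make sure
          // password hashes and similar fields are stripped before this point.
          res.status(200).json(user);
        });
      });
    })(req, res, next);
  });

  app.get('/admin/password', (req, res) => {
    // isAuthenticated is a method: referenced without the call it is always
    // truthy, so every visitor was redirected and reactApplication then tried
    // to write a second response.
    if (req.isAuthenticated()) return res.redirect('/admin');
    reactApplication(req, res);
  });
  app.post('/admin/password', (req, res) => {
    if (req.isAuthenticated()) {
      // Stop here; otherwise forgotPassword would write a second response.
      return res.redirect('/admin');
    }
    forgotPassword(req, res);
  });
  app.get('/admin/logout', (req, res) => {
    req.logOut();

    // Drop the server-side record, then expire the cookie using the same
    // path it was set with — a mismatched path leaves the cookie in place.
    req.session.destroy(() => {
      res
        .clearCookie('admin.sid', {
          path: '/admin',
          secure: secureCookie,
          httpOnly: true
        })
        .redirect('/');
    });
  });

  app.all('/admin/rest/*', authenticationMiddleware);
};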

authenticationMiddleware

/**
 * Guard for routes that require a logged-in passport user.
 *
 * Authenticated requests continue to the next handler. Unauthenticated ones
 * get a 401 JSON body when the path contains '/rest' (API calls), otherwise a
 * 302 to the login page matching the area being requested.
 *
 * @param {object} req - Express request (uses isAuthenticated() and path).
 * @param {object} res - Express response.
 * @param {Function} next - Next middleware in the chain.
 */
const authenticationMiddleware = (req, res, next) => {
  if (req.isAuthenticated()) {
    next();
    return;
  }

  const isApiCall = req.path.includes('/rest');
  if (isApiCall) {
    res.status(401).json({ message: 'Unauthorized' });
    return;
  }

  const loginPage = req.path.startsWith('/admin') ? '/admin/login' : '/account/login';
  res.status(302).redirect(loginPage);
};
