1-2分钟后,req.user使用password.js清除

时间:2018-09-09 05:44:32

标签: node.js reactjs passport.js axios express-session

我的应用程序存在问题,req.user仍然存在。成功登录/ serializeUser等后,我可以在保存的文件中看到req.user,并且该应用程序可以根据需要工作约1-2分钟。之后,req.user清除为undefined。我正在使用当前正在使用的react并向服务器调用方法以确认componentDidMount上存在req.user。我不知道为什么,对此我还很陌生。

在我的server.js中:

app.use(bodyParser.json())

// Sessions
app.use(
express-session({
    secret: 'feedmeseymour',
    cookie: { maxAge: 60000 },
    store: new MongoStore({ mongooseConnection: dbConnection }),
    resave: false,
    saveUninitialized: false
})
)
// MIDDLEWARE
app.use(morgan('dev'))
app.use(
bodyParser.urlencoded({
    extended: false
})
)
app.use(bodyParser.json())
app.use(express.static('public'));
app.use(cors());
app.use(bodyParser.urlencoded({extended: true}));
app.use(bodyParser.json());
// Passport
app.use(passport.initialize())
app.use(passport.session())

我的登录路线:

router.post(
    '/',
    function (req, res, next) {
        console.log('Received login information. Username: ' + req.body.username)

        const {errors, isValid } = validateLoginInput(req.body);

        if (!isValid) {
          return res.status(400).json(errors);
        }

        next()
    },
    passport.authenticate('local', {failWithError: true }),
    function (req, res, next) {
          console.log('req.user in the backend: ' + req.user);
        var userInfo = req.user
        res.send(userInfo);
    },
    function (err, req, res, next) {
      res.status(401).send({ success: false, message: err })
    }
)

passport.serializeUser /反序列化方法:

passport.serializeUser((user, done) => {
    console.log('*** serializeUser called, user: ')
    console.log(user) // the whole raw user object!
    console.log('---------')
    done(null, { _id: user._id })
})

// user object attaches to the request as req.user
passport.deserializeUser((id, done) => {
    console.log('DeserializeUser called')
    User.findOne(
        { _id: id },
        'username',
        (err, user) => {
            console.log('*** Deserialize user, user:')
            console.log(user)
            console.log('--------------')
            done(null, user)
        }
    )
})

在componentDidMount上调用:

getUser() {
      axios.get('/users').then(response => {
        if (response.data.user) {
          this.setUser(true, response.data.username, response.data.super);
        }
        else {
          console.log('no user is logged in')
          this.setUser(false, null, false);
        }
    })
    }

哪个叫这条路线在后面:

router.get('/', (req, res, next) => {
  console.log('req.user:');
  console.log(req.user);
  console.log('------------');
  console.log('req.session:');
  console.log(req.session);
  console.log('------------');
    if (req.user) {
      User.findOne({ _id: req.user._id }, (err, user) => {
          if (err) {
              console.log('logged user retrieval error: ', err)
          } else if (user) {
              console.log('found user from _id: ' + user);
              res.json({ user: req.user, super: user.super })
          }
        })
    } else {
        res.json({ user: null })
    }
})

req.user位于背面约1-2分钟,然后变为未定义。我将用户存储在mongodb的商店中,并且可以看到该会话仍然存在。

req.user随信息一起保存。一分钟后,它将变为未定义:

req.user:
{ _id: 5b7ded93525742053a6dd155, username: 'admin' }
------------
req.session:
Session {
  cookie: 
   { path: '/',
     _expires: 2018-09-09T07:10:22.902Z,
     originalMaxAge: 60000,
     httpOnly: true },
  passport: { user: { _id: '5b7ded93525742053a6dd155' } } }
------------

2 个答案:

答案 0 :(得分:2)

cookie: { maxAge: 60000 }

那是60.000毫秒,即60秒。正是您所描述的1分钟。

答案 1 :(得分:0)

尝试将user存储在请求的session对象中。这样对我有用。

相关问题
最新问题