我试图在Express中使用会话变量来管理用户登录。我无法使该变量适用于不同的请求。这是我的代码:
var config = require('config'),
ejs = require('ejs'),
util = require('util'),
express = require('express'),
bodyParser = require('body-parser'),
cors = require('cors'),
moment = require('moment'),
plaid = require('plaid'),
mariadb = require('mariadb'),
fs = require('fs'),
http = require('http'),
https = require('https'),
session = require('express-session'),
cookieParser = require('cookie-parser');
...
var app = express();
app.use(cookieParser());
app.use(
session({
resave: false,
saveUninitialized: false,
secret: 'debug',
cookie: { secure: true }
})
);
...
app.post('/tokensignin', function (req, res) {
async function verify() {
const ticket = await googleAuthClient.verifyIdToken({
idToken: req.body.idtoken,
audience: GOOGLE_AUTH_CLIENT_ID,
});
const payload = ticket.getPayload();
const userid = payload['sub'];
if (payload['aud'] == GOOGLE_AUTH_CLIENT_ID) {
pool.getConnection().then(conn => {
conn.query("CALL getUserByGoogleId(?)", [userid])
.then(rows => {
res.sendStatus(200);
if (rows[0]) {
req.session.test = "Hello, world!";
console.log("req.session.test = " + req.session.test);
req.session.user = {
firstName: rows[0].firstName,
lastName: rows[0].lastName,
avatar: rows[0].imageUrl,
};
} else {
conn
.query("CALL createUser(?,?,?,?,?)) VALUES (?,?,?,?,?)"
, [userid, req.body.firstName, req.body.lastName, req.body.imageUrl, req.body.email]
)
.then(rows => {
req.session.user = {
firstName: rows[0].firstName,
lastName: rows[0].lastName,
avatar: rows[0].imageUrl,
};
})
.catch(err => {
console.log("error: " + err);
res.send(err);
});
}
})
.catch(err => {
res.send(err);
});
conn.end();
});
}
}
verify().catch(console.error);
});
第一次正确存储了变量,但是当我重定向到主页时,req.session.test和req.session.use未定义。
这是代码:
app.all('/home', function (req, res) {
console.log("req.session.test = " + req.session.test);
console.log(req.session);
return res.render('home.ejs', {
PLAID_PUBLIC_KEY: PLAID_PUBLIC_KEY,
PLAID_ENV: PLAID_ENV,
PLAID_PRODUCTS: PLAID_PRODUCTS,
APP_MODE: config.APP_MODE,
APP_PORT: config.APP_PORT,
URL: config.URL,
test: req.session.test,
user: req.session.user,
});
});
我正在使用:
编辑:
我的网站正在使用SSL,因此我的cookie应该有secure:true。
更新:
我尝试移动res.sendStatus(200),以使该方法现在看起来像这样:
conn.query("CALL getUserByGoogleId(?)", [userid])
.then(rows => {
if (rows[0]) {
req.session.test = "Hello, world!";
console.log("req.session.test = " + req.session.test);
req.session.user = {
firstName: rows[0].firstName,
lastName: rows[0].lastName,
avatar: rows[0].imageUrl,
};
} else {
conn.query("CALL createUser(?,?,?,?,?)) VALUES (?,?,?,?,?)"
, [userid, req.body.firstName, req.body.lastName, req.body.imageUrl, req.body.email])
.then(rows => {
req.session.user = {
firstName: rows[0].firstName,
lastName: rows[0].lastName,
avatar: rows[0].imageUrl,
};
})
.catch(err => {
console.log("error: " + err);
res.send(err);
});
}
res.sendStatus(200);
conn.end();
})
.catch(err => {
res.send(err);
});
});
得到相同的结果。
答案 0 :(得分:0)
请尝试将cookie: { secure: true }更改为false,因为根据文档:
注意,将其设置为true时要小心,因为如果浏览器没有HTTPS连接,则兼容的客户端将来不会将cookie发送回服务器。
请注意,安全:真是推荐的选项。但是,它需要启用HTTPS的网站,即,对于安全Cookie来说,必须使用HTTPS。如果设置了安全性,并且您通过HTTP访问网站,则将不会设置Cookie。
代码:
app.use(
session({
resave: false,
saveUninitialized: false,
secret: 'debug',
cookie: { secure: false }
})
);