我想标题很容易解释。问题是我无法从浏览器注销。注销时不会删除Cookie。如果我手动删除cookie,然后重新加载页面,则用户将再次登录并创建一个新的cookie。但是,当我从邮递员注销时,它可以工作。如果我注销,则用户将看不到资源。
这是我的登录和注销信息
exports.login = (req, res, next) => {
passport.authenticate("local", (err, user, failureDetails) => {
if (err) {
res
.status(500)
.json({ message: "Something went wrong authenticating user" });
return;
}
if (!user) {
// "failureDetails" contains the error messages
// from logic in "LocalStrategy" { message: '...' }.
res.status(401).json(failureDetails);
return;
}
// save user in session
req.login(user, err => {
if (err) {
res.status(500).json({ message: "Session save went bad." });
return;
}
// We are now logged in (that's why we can also send req.user)
return res.json({ user });
});
})(req, res, next);
}
exports.logout = function (req, res, next) {
// Here I've tried with req.session.destroy(), clearCookies() etc...
req.logout()
res.status(200).json({ message: "Log out success!" });
}
这是app.js文件的一部分
app.use(session({
secret: "some secret goes here",
resave: false, //I tried with false
saveUninitialized: false, // I tried with false
store: new MongoStore({ mongooseConnection: mongoose.connection
})
}));
验证路由
const auth_controller = require('../../controllers/authController');
router.post('/register', auth_controller.register);
router.post('/login', auth_controller.login);
router.post('/logout', auth_controller.logout);
router.get('/loggedin', auth_controller.loggedIn);
router.get('/get-user', auth_controller.getUser);
我在这里看到了有关此问题的一些主题,但没有一个解决了我的问题。预先谢谢你!