我目前使用 express-session,并以 connect-session-knex 作为会话存储,问题是会话无法在多次 API 调用之间保持。在后续请求中,无法访问之前设置在 req.session 上的任何变量,并且每次请求的 sessionID 也都不同。
例如,在下面的代码中,调用login将正确设置req.session.user(我可以在数据库和console.log中看到这一点),但是当之后调用checkAuth时,req.session.user由于开始了新的会话,因此未定义。
我已经阅读了有关此主题的其他答案,并尝试了每个建议的修复方法(手动调用 req.session.save、检查 cors 配置、调整中间件的调用顺序、在 express-session 配置中设置 secure: false、在客户端设置 credentials: 'include'),但它们似乎都不起作用。非常感谢任何建议!
1。配置
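// Allow the front-end origin to send credentialed (cookie-bearing) requests.
// `credentials: true` requires an explicit origin; a wildcard origin is not
// accepted by browsers for credentialed requests.
app.use(cors({
  origin: 'http://localhost:3000',
  credentials: true,
}));

// Session middleware.
// NOTE(review): no `store` option is passed in this snippet, so express-session
// falls back to its default in-memory store. The surrounding text says
// connect-session-knex is used; confirm the store is actually wired in here.
app.use(session({
  secret: process.env.SESSION_SECRET,
  saveUninitialized: false,
  resave: false,
  cookie: {
    // The session cookie is only ever needed by the server, so keep it out of
    // reach of page scripts; `httpOnly: false` exposed the session ID to any
    // script running in the page.
    httpOnly: true,
    maxAge: 14400000, // 4 hours, in milliseconds
    sameSite: true, // express-session maps `true` to SameSite=Strict
    // Acceptable only while the app is served over plain HTTP on localhost.
    // Must be `true` once the site runs over HTTPS so the cookie is never
    // sent in clear text.
    secure: false,
  },
}));

// Route mounting; registered after the session middleware so every handler
// below sees `req.session`.
app.use('/session', routes.session);
app.use('/user', routes.user);
app.use('/schedule', routes.schedule);
app.use('/message', routes.message);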
2。 API方法
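// Example values for simplicity. A real handler would look the account up and
// verify a salted password hash instead of comparing plaintext strings.
const correctEmail = "bob@gmail.com";
const correctPassword = "password";
const userId = 31;

/**
 * POST /login
 *
 * Checks the submitted credentials and, on success, binds the user id to a
 * freshly issued session.
 *
 * Responds 200 on success and 400 with an `error` message otherwise. Errors
 * raised by the session store are forwarded to the Express error handler.
 */
router.post('/login', (req, res, next) => {
  // `req.body` is undefined when no body parser ran; treat that as bad input
  // rather than letting the destructuring throw.
  const { email, password } = req.body || {};

  if (email !== correctEmail || password !== correctPassword) {
    return res.status(400).send({error: "Those account details don't match our records"});
  }

  // Issue a new session ID at the privilege change so that an ID which existed
  // before authentication cannot be carried into the logged-in state
  // (session fixation).
  req.session.regenerate((regenerateErr) => {
    if (regenerateErr) {
      return next(regenerateErr);
    }

    req.session.user = userId;

    // Reply only after the store has persisted the session, so the next
    // request from the client is guaranteed to find it.
    req.session.save((saveErr) => {
      if (saveErr) {
        return next(saveErr);
      }
      console.log(req.session.user); //31
      return res.sendStatus(200);
    });
  });
});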
/**
 * POST /checkAuth
 *
 * Reports whether the current session carries a user id: 200 when
 * `req.session.user` is truthy, 400 with an `error` message otherwise.
 */
router.post('/checkAuth', (req, res) => {
  const sessionUser = req.session.user;
  console.log(sessionUser); //undefined

  // Guard clause: anything falsy means no authenticated user on this session.
  if (!sessionUser) {
    return res.status(400).send({error: "Not authenticated"});
  }

  return res.sendStatus(200);
});
3。客户端调用
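/**
 * Sends the login request with the session cookie attached.
 *
 * The returned promise settles only once the response has arrived, so a
 * caller can `await login()` before issuing a request that depends on the
 * session cookie set by this one.
 *
 * @returns {Promise<Response>} the server's response
 */
const login = async () => {
  // 'Access-Control-Request-Method' is deliberately not set here: it is a
  // forbidden request header that the browser writes itself on the CORS
  // preflight and drops when supplied by script.
  const requestHeaders = {
    Accept: 'application/json',
    'Content-Type': 'application/json',
  };

  // NOTE(review): the server route shown for logging in is /session/login,
  // while this request targets /session/onboard/provider; confirm this is
  // the intended endpoint.
  const response = await fetch(serverAddress + "/session/onboard/provider", {
    method: 'POST',
    credentials: 'include', // send and accept cookies on this cross-origin call
    mode: 'cors',
    headers: requestHeaders,
    body: JSON.stringify(person),
  });

  // Returned so the caller can inspect the status instead of assuming success.
  return response;
};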
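/**
 * Asks the server whether the current session is authenticated.
 *
 * The returned promise settles only once the response has arrived, so the
 * caller can read the status (200 or 400) rather than firing the request
 * and losing its outcome.
 *
 * @returns {Promise<Response>} the server's response
 */
const checkAuth = async () => {
  // 'Access-Control-Request-Method' is deliberately not set here: it is a
  // forbidden request header that the browser writes itself on the CORS
  // preflight and drops when supplied by script.
  const requestHeaders = {
    Accept: 'application/json',
    'Content-Type': 'application/json',
  };

  const response = await fetch(serverAddress + "/session/checkAuth", {
    method: 'POST',
    credentials: 'include', // the session cookie must accompany this request
    mode: 'cors',
    headers: requestHeaders,
    body: JSON.stringify(data),
  });

  return response;
};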