Websocket:重新加载页面后维护用户会话
[英]Websocket: maintain user session after page reloading
问题描述
I've got a simple Single Page Application using jetty websockets for communication between server and client. 
我有一个简单的单页应用程序,该应用程序使用jetty websocket在服务器和客户端之间进行通信。
Problem: Each time I have reload page my websocket connection is disabled and new is initialized. 问题:每次重新加载页面时,我的websocket连接都会被禁用,并且new会被初始化。 The problem is that user should relogin on each page refresh. 问题是用户应该重新刷新每个页面刷新。
Question: How can I eliminate the need of relogin on page refresh? 问题: 如何在页面刷新时消除重新登录的需要?
EDITED: Faced the next problem : how to decide when session should be deleted? 编辑:面临下一个问题 :如何决定何时删除会话? I've a peer object on the server side which is a nothing else but websocket session container. 我在服务器端有一个对等对象,不过是websocket会话容器。 Peer is deleted on onClose method, which in turn is invoked on droping client side websocket. 在onClose方法上删除Peer,而onClose方法又在droping客户端websocket上调用。 Here the problem comes: when user press F5 -> client side websocket is broken -> server delete appropriate websocket -> client side try to reload a page and check if there is any session AND FIND NOTHING. 问题来了:当用户按F5键->客户端websocket损坏->服务器删除适当的websocket->客户端尝试重新加载页面并检查是否有任何会话并没有发现。 On the other hand I can't cease removing y peers (sessions) at all. 另一方面,我根本无法停止删除y个同伴(会话)。
Question: How can I tell server when to remove my peers? 问题:如何告诉服务器何时删除对等节点?
1 个解决方案
解决方案1
7 已采纳 2014-02-11 08:56:02
To eliminate the need to authenticate a WebSocket connection upon each new connection establishment you can use cookies. 为了消除在每个新连接建立时验证WebSocket连接的需要,您可以使用cookie。
Authenticate the WebSocket connection upon first time, set cookie on the WebSocket connection , and recheck the cookie upon a new connection. 验证WebSocket连接上后首次WebSocket连接,设置cookie的,并且一旦有新连接重新检查的cookie。
This requires a WebSocket server that allows to read and set cookies on a WebSocket connection. 这需要一个WebSocket服务器,该服务器允许读取和设置WebSocket连接上的cookie。
If the WebSocket connection is served from the same origin as the HTML page containing the JavaScript that opens the WebSocket connection, you could also use a "normal" HTML form based login plus cookie procedure: 如果WebSocket连接的源自与包含打开WebSocket连接的JavaScript的HTML页面相同的源,则还可以使用基于HTML的“普通”表单登录加cookie过程:
- User opens "login.html", which contains a HTML form for login 用户打开“login.html”,其中包含用于登录的HTML表单
- User enters username/password, which submits the HTML form via HTTP/POST to some URL 用户输入用户名/密码,然后通过HTTP / POST将HTML表单提交到某个URL
- The server checks the credentials, and when successful, generates a random cookie, stores the cookie, and sets the cookie on the HTML page returned from the HTTP/POST 服务器检查凭据,并在成功后生成一个随机cookie,存储该cookie,并在从HTTP / POST返回的HTML页面上设置cookie。
- This latter returned page then opens a WebSocket connection to the server (which is on same origin, and hence the previously set cookie is set) 后一个返回的页面然后打开到服务器的WebSocket连接(源于同一源,因此设置了先前设置的cookie)
- The WebSocket server in the opening handshake checks if there is a cookie, and if the cookie is stored in the DB for logged-in users 开始握手时的WebSocket服务器将检查是否存在cookie,以及该cookie是否存储在DB中以供登录用户使用
- If so, the WebSocket connection succeeds. 如果是这样,WebSocket连接成功。 If not, the WebSocket server does not establish a connection, but redirects the user to 1. 如果不是,则WebSocket服务器不会建立连接,而是将用户重定向到1。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.