[英]Cross-domain sessions with connect-mongo
I have built Node.js app with Express 4, for manage sessions I use connect-mongo middleware, all works. 我已经使用Express 4构建了Node.js应用程序,用于管理使用connect-mongo中间件的会话,所有工作正常。
But I need login to my app from another site. 但是我需要从另一个站点登录到我的应用程序。
App is hosted on aws EC2. 应用托管在AWS EC2上。
I use SalesForce and after login to it, I want open my app, but DON'T want input credentials... 我使用SalesForce,登录后我想打开我的应用程序,但是不想输入凭据...
On node.js server I have added headers: 在node.js服务器上,我添加了标头:
res.setHeader('Access-Control-Allow-Origin', req.headers.origin);
res.setHeader('Access-Control-Allow-Credentials', 'true');
In SF, onClick button I execute: 在SF中,我执行onClick按钮:
jsonData = {
"email": 'test1@example.com',
"password": "test"
}
$.ajaxSetup({
type: "POST",
data: {},
dataType: 'json',
xhrFields: {
withCredentials: true
},
crossDomain: true
});
$.post( 'http://ec2-someip.us-west-2.compute.amazonaws.com//login', jsonData)
.done(function( data ) {
console.log( "done" );
console.log(data);
//redirect to data url
})
.fail(function(data) {
console.log( "error" );
console.log( "data" );
});
Node.js returns me correct data url, but doesn't add session cookie, and that's why I see login page after redirect... Node.js向我返回正确的数据url,但是没有添加会话cookie,这就是为什么我在重定向后看到登录页面的原因...
When I manually send POST request from browser (I use "Rest Console" app for Google Chrome), node.js added cookie. 当我从浏览器手动发送POST请求时(我使用Google Chrome的“ Rest Console”应用程序),node.js添加了cookie。
What is wrong? 怎么了? There is a way to login from SF (or any other site) ?
有没有办法从SF(或任何其他站点)登录?
Thank you. 谢谢。
Fixed by adding cookie domain settings: 通过添加Cookie域设置进行了修复:
app.use(session({
secret: config.get('session:key'),
saveUninitialized: true,
resave: true,
store: new MongoStore({
db: mongoose.connection.db
}),
cookie: {
path: '/',
domain: utils.isDevelopmentEnv() ? null : '.' + config.get('domain').replace('http://', '').replace('https://', ''),
httpOnly: true
}
}));
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.