如何在Express.js中提供用户特定的静态内容
[英]How to serve user specific static content in Express.js
问题描述
I want to serve user-specific static content in Express. 
我想在Express中提供用户特定的静态内容 。 That means, if a user is logged in, his private static folder is served by express. 这意味着,如果用户登录,则Express将为其私人静态文件夹提供服务。 Other users shall not have access. 其他用户无权访问。
I tried the following (see below), but the static content is not being served. 我尝试了以下操作(请参见下文),但未提供静态内容。 In fact, the route seems to be completely ignored and I get a 404. 实际上,该路线似乎被完全忽略了,我得到了404。
I am not sure if the way I do it is the right way to go and if express is capable of dynamically serving different static folders. 我不确定我的操作方式是否正确,express是否能够动态提供不同的静态文件夹。 Thanks in advance for your thoughts on this. 预先感谢您对此的想法。
Here's the code (simplified): 这是代码(简体):
routes.js: routes.js:
express = require 'express'
router = express.Router()
router.use '/user/assets', (req, res, next) ->
if req.user
userpath = 'uploads/' + md5(req.user._id)
if not fs.existsSync userpath
fs.mkdirSync userpath
console.log "Created user directory at " + userpath
express.static(userpath)
next()
module.exports = router
index.js: index.js:
express = require 'express'
app = express()
app.use '/', require './routes'
Sidenotes : 旁注 :
The md5 is just a way of escaping weird characters in the user id, which is a string. md5只是一种在用户ID(字符串)中转义怪异字符的方法。 I know there is a possibility for a mismatch, which is tiny, and about which I don't wanna care for now. 我知道可能会出现不匹配的情况,这种情况很小,而且我现在不想在乎。 Concerns about general security of the fashion of the solving attempt are appreciated. 对于解决尝试的方式的总体安全性的担忧,是可以理解的。 The code is written in CoffeeScript. 该代码用CoffeeScript编写。
req.user contains a valid user element. req.user包含有效的用户元素。
1 个解决方案
解决方案1
3 已采纳 2016-11-27 12:13:48
Just calling express.static is not enough, you need to use() it with the router. 仅调用express.static是不够的,您需要在路由器上use()它。 Unfortunately you can't directly do that, since you require a different set of routes for each user. 不幸的是,您不能直接这样做,因为您需要为每个用户设置不同的路由集。
Calling express.static will return a middleware function. 调用express.static将返回中间件函数。 You could call it directly, ie something like this: 您可以直接调用它,例如:
var files = express.static(userpath);
return files(req, res, next);
However that's still not enough, as the middleware uses req.url to build the file path. 但是,这还不够,因为中间件使用req.url来构建文件路径。 The express router adjusts this property and removes the mount point (see req.originalUrl in the docs). 快速路由器调整此属性并删除安装点(请参阅req.originalUrl中的req.originalUrl )。 So you need to strip /user/assets from it, before calling the middleware. 因此,在调用中间件之前,您需要从中剥离/user/assets 。
By the way, you should set the DEBUG environment variable for node. 顺便说一句,您应该为节点设置DEBUG环境变量。 It allows you to see what routes are created by express, which is very handy in debugging express.static 404 problems. 它使您可以查看express创建的路由,这在调试express.static 404问题时非常方便。 Eg you'd do $ DEBUG=* node index.js on Linux. 例如,您将在Linux上执行$ DEBUG=* node index.js 。
As you can see the approach starts to be a bit hacky and creating a new express.static middleware on each request is not very performance friendly too. 如您所见,该方法开始有点笨拙,并且在每个请求上创建一个新的express.static中间件也不是很友好的性能。 So depending on what your user directories contain, using res.sendFile might actually be better. 因此,根据您的用户目录包含的内容,使用res.sendFile实际上可能更好。
As a sidenote, I assume you've checked that req.user actually contains something if the user is logged in. req.user一下,假设您已检查req.user实际上是否包含用户登录的内容。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.