[英]NodeJs express-session don´t save the session
I´ve a problem by saving something in the session above a NodeJs Script.我在 NodeJs 脚本上方的会话中保存一些东西时遇到了问题。 If I start the script and making a post login like this:
如果我启动脚本并像这样进行登录:
app.post('/login', function(req, res) {
sess = req.session;
sess.key = "SecureKEy";
console.log(sess);
});
I got as rusult that what I want:我得到了我想要的东西:
Session { cookie: { path: '/', _expires: null, originalMaxAge: null, httpOnly: true }, key: 'SecureKEy' }
会话 { cookie: { path: '/', _expires: null, originalMaxAge: null, httpOnly: true }, key: 'SecureKEY' }
But if I reload the page with this code the session.key is empty.但是,如果我使用此代码重新加载页面,则 session.key 为空。 Just like it´s not saved.
就像它没有保存一样。
app.get('/', function(req, res) {
sess = req.session;
console.log(sess);
res.sendFile(__dirname+'/wwwroot/index.html');
});
My configuration for the express-session is this:我的快速会话配置是这样的:
const session = require('express-session');
app.use(session({
secret: 'importent',
resave: true,
saveUninitialized: true
}));
I´ve rewrite the code like this:我已经重写了这样的代码:
app.post('/login', function(req, res) {
console.log("Before: ");
console.log(sess);
sess = req.session;
sess.key = "SecureKEy";
req.session.save();
console.log("After: ");
console.log(sess);
});
With that it work correctly.有了它,它可以正常工作。 But if I would resend the logged in page with res.send the session would be automaticly saved?
但是如果我用 res.send 重新发送登录页面,会话会自动保存吗? Is that correct?
那是正确的吗?
express-session auto-save edge cases?快速会话自动保存边缘情况?
The express-session save(...)
method is certainly not triggered for some express response transport methods.对于某些快速响应传输方法,肯定不会触发 express-session
save(...)
方法。 It seems to trigger consistently for the frequently encountered ones such as response.send(...)
, response.json(...)
etc.对于经常遇到的诸如
response.send(...)
, response.json(...)
等,它似乎始终触发。
But same is not the case for the special case transport method such as the express.response.end()
method - from my observation at least;但是对于特殊情况的传输方法(例如
express.response.end()
方法express.response.end()
,情况并非如此 - 至少从我的观察来看; and also response.sendFile(...)
according to the OP and response.redirect(...)
according to posts elsewhere.以及
response.sendFile(...)
根据 OP 和response.redirect(...)
根据其他地方的帖子。
To avoid unforeseen issue, pay close attention when applying express-session to requests where special case response transport methods were used.为避免出现不可预见的问题,请在将 express-session 应用于使用特殊情况响应传输方法的请求时密切注意。 The express-session
save(...)
method may have to be called directly to persist changes made during those requests.可能必须直接调用 express-session
save(...)
方法以保留在这些请求期间所做的更改。 Even then, there is no guarantee that persistence would take place.即便如此,也不能保证持久性会发生。
For example, there are occasions where setting values to null and/or calling the session.destroy(...)
and/or session.regenerate(...)
methods have no effect.例如,有时将值设置为 null 和/或调用
session.destroy(...)
和/或session.regenerate(...)
方法无效。 Those destructed session data basically resurface on the next page refresh.那些被破坏的会话数据基本上会在下一次页面刷新时重新出现。 Not even calling the
save(...)
method or setting the unset
option to 'destroy'
can remedy that situation.甚至调用
save(...)
方法或将unset
选项unset
为'destroy'
都不能解决这种情况。
The express-session readme should include these edge case scenarios in one of its Note sections at the top of the page. express-session自述文件应该在页面顶部的注释部分之一中包含这些边缘情况。 It would curb some of the headwinds surrounding its auto-save feature.
它将遏制围绕其自动保存功能的一些不利因素。
My philosophy to this type of thing is: when a package is too quirky for a use-case, either find a more suited package or just source your own solution if possible.我对这类事情的哲学是:当一个包对于用例来说太古怪时,要么找到更合适的包,要么尽可能寻找自己的解决方案。 Workarounds tend to warp application logic thereby making it error prone and difficult to maintain over time.
变通方法往往会扭曲应用程序逻辑,从而使其容易出错并且随着时间的推移难以维护。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.