NodeJs express-session 不保存会话
[英]NodeJs express-session don´t save the session
问题描述
I´ve a problem by saving something in the session above a NodeJs Script.
我在 NodeJs 脚本上方的会话中保存一些东西时遇到了问题。 If I start the script and making a post login like this:如果我启动脚本并像这样进行登录:
app.post('/login', function(req, res) {
sess = req.session;
sess.key = "SecureKEy";
console.log(sess);
});
I got as rusult that what I want:我得到了我想要的东西:
Session { cookie: { path: '/', _expires: null, originalMaxAge: null, httpOnly: true }, key: 'SecureKEy' }
But if I reload the page with this code the session.key is empty.但是,如果我使用此代码重新加载页面,则 session.key 为空。 Just like it´s not saved.就像它没有保存一样。
app.get('/', function(req, res) {
sess = req.session;
console.log(sess);
res.sendFile(__dirname+'/wwwroot/index.html');
});
My configuration for the express-session is this:我的快速会话配置是这样的:
const session = require('express-session');
app.use(session({
secret: 'importent',
resave: true,
saveUninitialized: true
}));
2 个解决方案
解决方案1
1 2018-01-21 14:41:07
I´ve rewrite the code like this:我已经重写了这样的代码:
app.post('/login', function(req, res) {
console.log("Before: ");
console.log(sess);
sess = req.session;
sess.key = "SecureKEy";
req.session.save();
console.log("After: ");
console.log(sess);
});
With that it work correctly.有了它,它可以正常工作。 But if I would resend the logged in page with res.send the session would be automaticly saved?但是如果我用 res.send 重新发送登录页面,会话会自动保存吗? Is that correct?那是正确的吗?
解决方案2
1 2020-08-11 23:43:54
express-session auto-save edge cases?快速会话自动保存边缘情况?
The express-session save(...) method is certainly not triggered for some express response transport methods.对于某些快速响应传输方法,肯定不会触发 express-session save(...)方法。 It seems to trigger consistently for the frequently encountered ones such as response.send(...) , response.json(...) etc.对于经常遇到的诸如response.send(...) , response.json(...)等,它似乎始终触发。
But same is not the case for the special case transport method such as the express.response.end() method - from my observation at least;但是对于特殊情况的传输方法(例如express.response.end()方法express.response.end() ,情况并非如此 - 至少从我的观察来看; and also response.sendFile(...) according to the OP and response.redirect(...) according to posts elsewhere.以及response.sendFile(...)根据 OP 和response.redirect(...)根据其他地方的帖子。
To avoid unforeseen issue, pay close attention when applying express-session to requests where special case response transport methods were used.为避免出现不可预见的问题,请在将 express-session 应用于使用特殊情况响应传输方法的请求时密切注意。 The express-session save(...) method may have to be called directly to persist changes made during those requests.可能必须直接调用 express-session save(...)方法以保留在这些请求期间所做的更改。 Even then, there is no guarantee that persistence would take place.即便如此,也不能保证持久性会发生。
For example, there are occasions where setting values to null and/or calling the session.destroy(...) and/or session.regenerate(...) methods have no effect.例如,有时将值设置为 null 和/或调用session.destroy(...)和/或session.regenerate(...)方法无效。 Those destructed session data basically resurface on the next page refresh.那些被破坏的会话数据基本上会在下一次页面刷新时重新出现。 Not even calling the save(...) method or setting the unset option to 'destroy' can remedy that situation.甚至调用save(...)方法或将unset选项unset为'destroy'都不能解决这种情况。
The express-session readme should include these edge case scenarios in one of its Note sections at the top of the page. express-session自述文件应该在页面顶部的注释部分之一中包含这些边缘情况。 It would curb some of the headwinds surrounding its auto-save feature.它将遏制围绕其自动保存功能的一些不利因素。
My philosophy to this type of thing is: when a package is too quirky for a use-case, either find a more suited package or just source your own solution if possible.我对这类事情的哲学是:当一个包对于用例来说太古怪时,要么找到更合适的包,要么尽可能寻找自己的解决方案。 Workarounds tend to warp application logic thereby making it error prone and difficult to maintain over time.变通方法往往会扭曲应用程序逻辑,从而使其容易出错并且随着时间的推移难以维护。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.