[英]Express session does not work with Firebase Hosting
When I have the following, sessions are persisted and the page counts the number of visits. 当我有以下内容时,会话将保持不变,页面将计算访问次数。
app.set('trust proxy', true)
// The documentation specifies '1' instead of 'true'
app.use(session({
secret: 'my secret',
proxy: true,
resave: false,
saveUninitialized: true,
cookie: { secure: false }
}))
app.listen(3000, function(){
console.log("Server is connected!");
});
app.get("/login", (req, res) => {
if(req.session.page_views){
req.session.page_views++;
res.send("You visited this page " + req.session.page_views + " times");
} else {
req.session.page_views = 1;
res.send("Welcome to this page for the first time!");
}
});
However, when I remove the app.listen(3000, ...)
and instead run in localhost
through the command firebase serve
in the CLI, sessions are not persisted. 但是,当我删除
app.listen(3000, ...)
并在CLI中通过命令firebase serve
在localhost
运行时,会话不会保留。
I also tried running on production environment through firebase deploy
but, again, sessions are not persisted. 我还尝试通过
firebase deploy
在生产环境上运行,但同样,会话不会持久化。
I have tried multiple options on the app.use(session({
and I believe the solution might be there. 我在
app.use(session({
上尝试了多个选项app.use(session({
我相信解决方案可能就在那里。
Any recommendations? 有什么建议?
UPDATE UPDATE
const express = require('express');
const session = require('express-session');
const FirestoreStore = require('firestore-store')(session);
const bodyParser = require('body-parser');
app.use(cookieParser('My secret'));
app.use(bodyParser.urlencoded({ extended: true }));
app.use(session({
store: new FirestoreStore({
database: firebase.firestore()
}),
secret: 'My secret',
resave: true,
saveUninitialized: true,
cookie: {maxAge : 60000,
secure: false,
httpOnly: false }
}));
I will suggest something, instead of using this FirestoreStore , I will suggest you use this FirebaseStore . 我会建议一些东西,而不是使用这个FirestoreStore ,我建议你使用这个FirebaseStore 。
And I noticed you're using Express, so you might want to check the usage below: 我注意到你正在使用Express,所以你可能想检查下面的用法:
NOTE : In Express 4 express-session must be passed to the function connect-session-firebase exports in order to extend express-session.Store: 注意 :在Express 4中,express-session必须传递给函数connect-session-firebase exports才能扩展express-session.Store:
const express = require('express');
const session = require('express-session');
const FirebaseStore = require('connect-session-firebase')(session);
const firebase = require('firebase-admin');
const ref = firebase.initializeApp({
credential: firebase.credential.cert('path/to/serviceAccountCredentials.json'),
databaseURL: 'https://databaseName.firebaseio.com'
});
express()
.use(session({
store: new FirebaseStore({
database: ref.database()
}),
secret: 'keyboard cat'
resave: true,
saveUninitialized: true
}));
And you might also want to really consider the Security provided by that dependency 您可能还想真正考虑该依赖项提供的安全性
If you use a publicly available Firebase Database, please set proper rules:
如果您使用公开的Firebase数据库,请设置适当的规则:
{
"rules": {
".read": "false",
".write": "false",
"sessions": {
".read": "false",
".write": "false"
},
"some_public_data": {
".read": "true",
".write": "auth !== null"
}
}
}
You can get to read more about Firebase rules and connect-session-firebase 您可以阅读有关Firebase规则和connect-session-firebase的更多信息
If you are using firebase hosting you might as well use a connector which connects your express session with firebase. 如果您正在使用firebase托管,您可以使用连接器将您的快速会话与firebase连接起来。
You can try connect-session-firebase middleware which will integrate the firebase database store with the current express session. 您可以尝试connect-session-firebase中间件,它将firebase数据库存储与当前的快速会话集成在一起。 This might resolve your issue regarding session persistence.
这可能会解决有关会话持久性的问题。
UPDATE: 更新:
If you are using firebase hosting and cloud functions then you can only set a cookie with name __session
. 如果您使用的是firebase托管和云功能,那么您只能设置名为
__session
的cookie。 You might have to use this name to persist sessions in firebase hosting. 您可能必须使用此名称来持久保存firebase托管中的会话。
app.use(session({
store: new FirestoreStore({
database: firebase.firestore()
}),
name: '__session',
secret: 'My secret',
resave: true,
saveUninitialized: true,
cookie: {maxAge : 60000,
secure: false,
httpOnly: false }
}));
For more info: 欲了解更多信息:
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.