如何从 Nuxt 3 服务器访问 httpOnly cookies
[英]How to access httpOnly cookies from Nuxt 3 server
问题描述
I am implementing a login feature to a website project.
我正在为网站项目实施登录功能。 The backend is Express and the frontend is Nuxt 3. Upon successfully authenticating a user login, the Express backend returns necessary data to the webserver, which then creates an httpOnly cookie and sets any necessary data in a Pinia store.后端是 Express,前端是 Nuxt 3。在成功验证用户登录后,Express 后端将必要的数据返回给网络服务器,然后创建一个 httpOnly cookie 并在 Pinia 存储中设置任何必要的数据。 On page refresh, I would like the Nuxt 3 server to look at the cookie and setup the Pinia store (since it is lost on page refresh).在页面刷新时,我希望 Nuxt 3 服务器查看 cookie 并设置 Pinia 存储(因为它在页面刷新时丢失)。
Can someone provide some guidance?有人可以提供一些指导吗? I have looked at the useNuxtApp() composable, and I can see the cookie in nuxtApp.ssrContext.req.headers.cookie , but that only provides a K/V pairing of all set cookies, which I would need to parse.我查看了useNuxtApp()可组合项,我可以在nuxtApp.ssrContext.req.headers.cookie中看到 cookie,但这只提供了所有集合 cookies 的 K/V 配对,我需要对其进行解析。 I know of the useCookie composable, but that only works during Lifecycle hooks, which seems to only resolve undefined .我知道 useCookie 可组合项,但它只在生命周期挂钩期间有效,它似乎只解析undefined 。
Thanks.谢谢。
1 个解决方案
解决方案1
1 2022-11-13 19:02:07
Not sure if this is the right way, but it's a solution I used to get through a similar case - do.net api + nuxt3 client.不确定这是否是正确的方法,但这是我曾经通过类似案例获得的解决方案 - do.net api + nuxt3 客户端。
First, we need to proxy API (express in your case), this will make it, so our cookie is on the same domain and browser will start sending it to /api/ endpoints.首先,我们需要代理 API(在您的情况下表示),这将成功,因此我们的 cookie 位于同一域中,浏览器将开始将其发送到 /api/ 端点。
- Install
@nuxtjs-alt/proxy-npm i @nuxtjs-alt/proxy.安装@nuxtjs-alt/proxy-npm i @nuxtjs-alt/proxy。 - Add configuration to
nuxt.config.ts(my api running on localhost:3000):将配置添加到nuxt.config.ts(我的 api 在 localhost:3000 上运行):
nuxt.config.ts : nuxt.config.ts :
export default defineNuxtConfig({
modules: [
'@nuxtjs-alt/proxy'
],
proxy: {
enableProxy: true,
fetch: true,
proxies: {
'/proxy': {
target: 'http://localhost:3000',
changeOrigin: true,
rewrite: (path) => path.replace(/^\/proxy/, '')
}
}
}
});
Then we can the request that will set a cookie anywhere on client using proxy instead of a direct call.然后我们可以使用代理而不是直接调用在客户端的任何位置设置 cookie 的请求。
Anywhere on client, do a request using newly setup proxy instead of calling API directly.在客户端的任何地方,使用新设置的代理发出请求,而不是直接调用 API。
Adjust parameters based on your setup.根据您的设置调整参数。
await $fetch('/proxy/user/sign-in', {
method: 'POST',
body: {
email: 'example@mail.com',
password: 'password'
}
});
Ultimately, should end up with a cookie set on our client domain.最终,应该在我们的客户端域上设置一个 cookie。
And lastly, when we handle request client side - we read the cookie and set up on forwarding request.最后,当我们处理客户端请求时——我们读取 cookie 并设置转发请求。 Replace COOKIE_NAME and API URL accordingly.相应地替换COOKIE_NAME和 API URL。
server/api/user/me.get.ts : server/api/user/me.get.ts :
export default defineEventHandler(async (event) => {
return await $fetch('http://localhost:3000/user/me', {
headers: {
Cookie: `COOKIE_NAME=${
getCookie(event, 'COOKIE_NAME')
}`
}
});
});
API call will use the same cookie we got when we did a first request using cookie and the server should be able to read it. API 调用将使用我们在使用 cookie 进行第一个请求时获得的相同 cookie,并且服务器应该能够读取它。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.