stackoom
  简体   繁体   中英

Store user sessions: node.js, express, mongoose-auth

 原文  2011-12-19 20:53:14       javascript/ node.js/ authentication/ mongodb/ mongoose

Question

I've got a newbie node.js question about authentication ans sessions.

I've made an authentication with: express.js and mongoose-auth (mongodb): 

app.use(express.cookieParser());
app.use(express.session({ secret: 'esoognom'}));
app.use(auth.mongooseAuth.middleware());

I've got not much understanding of all that staff deeply. After users are authenticated they stay to be so unless server restarts. I want to have more persistent state of authentication, how can I manage this?

Thanks for help.

4 answers

solution1
 4 ACCPTED  2011-12-19 20:57:10

If you want the sessions to persist even after a server has crashes / restarted then you should use one of the following modules:

You can also set the lifetime of a cookie using the maxAge param when adding the session middleware. For example if we were using connect-mongodb: 

app.use(express.session({
    secret : "Stays my secret",
    maxAge : new Date(Date.now() + 3600000), //1 Hour
    store  : new MongoStore({ db: 'myDB' })
}));

solution2
 2  2011-12-19 20:57:07

If you use a mongostore it will persist for longer than a server restart.

This is configurable with the maxAge property. It defaults to 14400000 which I believe is in ms, so 4 hours.

See the documentation for details: http://senchalabs.github.com/connect/middleware-session.html

solution3
 1  2012-07-08 10:06:35

I'm using express V2.5.11. Here the maxAge option is not seems to be working. So I rewrite session configure code as follows. 

var MongoStore = require('connect-mongo')(express);
app.use(express.session({
    secret : "basic server",
    cookie : {
        maxAge : 20000 //20 seconds
    }, 
    //maxAge:  new Date(Date.now() + 20000),
    store : new MongoStore({
        host : 'localhost',
        port : 27017,
        db : 'yourdb',
        collection : 'session',
        stringify : false,
        clear_interval : (10)//search db to clear the expired every 10 seconds  
    })
}));

The code is working as pretty good.

solution4
 -1  2013-10-14 08:58:01

Authentication Using Passport 

var express = require('express'),
routes = require('./routes'),
api = require('./routes/api'),
http = require('http'),
path = require('path'),
mysql = require('mysql'),
passport = require('passport'),
LocalStrategy = require('passport-local').Strategy;

//MySQL

var sqlInfo = {
    host: 'localhost', 
    user: 'root',
    password: '', 
    database: 'dbname'
}


global.client = mysql.createConnection(sqlInfo);

client.connect();




var app = module.exports = express();




/**
 * Configuration
 */

// all environments
app.set('port', process.env.PORT || 3000);
app.set('views', __dirname + '/views');
app.set('view engine', 'jade');
app.use(express.logger('dev'));
app.use(express.bodyParser());
app.use(express.methodOverride());
app.use(express.static(path.join(__dirname, 'public')));

app.use(express.cookieParser("secret"));
app.use(express.session({
    secret: 'keyboard cat'
}));
app.use(passport.initialize());
app.use(passport.session());

app.use(app.router);




passport.use(new LocalStrategy(

    function(username, password, done) {

        return check_auth_user(username,password,done);

    }

    ));


// development only
if (app.get('env') === 'development') {
    app.use(express.errorHandler());
}

// production only
if (app.get('env') === 'production') {
// TODO
}



/**
 * routes start---------------------------------------------------------------
 */
// home page contain login form 
app.get('/home', function(reg, res){
    //check user session value, is logged in 
    if(req.user)
        res.render('dash',{
            username: req.user['member_id']//req.user array contains serializeUser data
        });
    else
        res.render('index');

});

app.get('/logout', function(req, res){

    req.logout();
    res.redirect('/home');
});

//login form submit as post

app.post('/login',
    passport.authenticate('local', {
        successRedirect: '/dashboard',
        failureRedirect: '/home'
    })
    );
//to project dashboard
app.get('/dash',routes.dash);
//to project dashboard
app.get('/signup',routes.signup);
//to project dashboard

app.get('*', routes.index);

/**
 * routes end---------------------------------------------------------------------
 */


/**
 * Start Server
 */

http.createServer(app).listen(app.get('port'), function () {
    console.log('Express server listening on port ' + app.get('port'));
});

click for more details with example

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Deal and keep node.js/express sessions Node.js, Express and Mongoose, undefined data Node.js auth: Using passport with Express How to make user registration with Node.js and MongoDB (using mongoose and Express.js) Sessions and socket.io (node.js, express.js) How do sessions work in Express.js with Node.js? Using node.js client-sessions without express Node.js Very Basic Local Authentication using Express Sessions Express sessions not persisting after redirect in node.js User Login is not working with node.js and mongoose
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM