我的node.js项目中的req.session.user不是“ global”
[英]req.session.user not “global” in my node.js project
问题描述
身份验证成功后,req.session.user存在,但是当我尝试调用它来限制对页面的访问时,它消失了,当然,当我不想访问它时,它也限制了访问。 我知道这是一个范围问题,但无法解决。
function restrict(req, res, next) {
if (req.session.user) {
next();
} else {
req.session.error = 'Access denied!';
res.redirect('/accessdenied');
}
}
// Add User Route
app.get('/addUser', restrict, function (req, res, next)
{res.render('addUser', {
title : "SC Auds - Ad New User"
, author : "Alan Swenson"
, description : "none"
});
});
app.post('/login', function (req, res, next){
var checkuser = new User({
email : req.body.user.email
, password : req.body.user.password
});
// checkuser.save(function(err) {
// Successfully Logged In
User.getAuthenticated(checkuser.email, checkuser.password, function(err, user, reason) {
if (err) {
throw err;
// Failed to work
res.redirect('/error');
}
// login was successful if we have a user
if (user) {
// handle login success
req.session.regenerate(function(){
req.session.user = user;
req.session.success = 'Authenticated as ' + user.email;
res.redirect('/admin');
console.log(req.session.user);
});
}
// otherwise we can determine why we failed
var reasons = User.failedLogin;
console.log(User.failedLogin);
switch (reason) {
case reasons.NOT_FOUND:
case reasons.PASSWORD_INCORRECT:
// note: these cases are usually treated the same - don't tell
// the user *why* the login failed, only that it did
break;
case reasons.MAX_ATTEMPTS:
// send email or otherwise notify user that account is
// temporarily locked
break;
}
});
});
这是我的app.js
/**
* Module dependencies
*/
var express = require('express'),
routes = require('./routes'),
tasks = require("./tasks"),
mongoose = require('mongoose');
crypt = require('bcrypt');
RedisStore = require('connect-redis')(express);
url = require('url');
// Get yo' models
User = require("./models/user.js");
// Set up the app
app = express();
// Set up the server
var server = require('http').createServer(app);
//set up redis
var redisURL = 'redis://nodejitsu:nodejitsudb3022889634.redis.irstack.com:f327cfe980c971946e80b8e975fbebb4@nodejitsudb3022889634.redis.irstack.com:6379';
var redis = url.parse(redisURL);
console.log(redis);
/**
* Configuration
*/
app.configure(function(){
app.set('views', __dirname + '/views');
app.set('view engine', 'jade');
// Middle Ware
app.use(express.favicon(__dirname + '/public/favicon.ico'));
app.use(express.bodyParser());
app.use(express.cookieParser());
app.use(express.session({
secret: "kaskjbabjkdfkabdfbkadbkjfasdfasdfrterterte",
store: new RedisStore({ host: redis.hostname, port: redis.port, pass: redis.auth ? redis.auth.substring(redis.auth.indexOf(':') + 1) : null }),
proxy: true,
cookie: { secure: true}
}));
app.use(express.methodOverride());
app.use(app.router);
app.use(express.static(__dirname + '/public'));
app.enable('trust proxy');
});
/**
* Set up Listening Ports
* Development & Production
*/
var port;
app.configure('development', function(){
port = 3000;
app.use(express.errorHandler({ dumpExceptions: true, showStack: true }));
// mongoose.connect('mongodb://localhost/<app_name>');
});
app.configure('production', function(){
port = 80;
app.use(express.errorHandler());
// Production database connection string
mongoose.connect('mongodb://nodejitsu:c09cdadf6f1c8ecad43a01d54b4da8e4@linus.mongohq.com:10096/nodejitsudb9995237560');
});
/**
* Open Database
*/
var db = mongoose.connection;
db.on('error', console.error.bind(console, 'connection error:'));
db.once('open', function callback () {
console.log('opened');
});
var models = {};
/**
* Set up Routes
*/
// Main Route
app.get('/', routes.home);
// Additional Routes
require('./additionalRoutes')(app)
/**
* Start Sever Listening
*/
server.listen(port, function(){
});
/*
* Run background tasks here:
*/
// Run immediately
// tasks.myTask();
// Run periodically
// setInterval(tasks.myTask, 1000 * 60 * 10);
2 个解决方案
解决方案1
0 2013-09-27 06:36:05
您在这里缺少限制功能。
app.post('/login', function (req, res, next){
更改为。
app.post('/login', restrict, function (req, res, next){
解决方案2
0 已采纳 2013-09-28 19:31:20
我想到了。 由于计算机和服务器之间的时区不同,我的cookie立即到期。 更改为过期:false
cookie: { secure: true,
path: '/',
expires: false}
是在node.js服务器范围内的全局变量,还是仅针对该会话或用户的全局变量
[英]Are global variables in node.js server wide or just for that session or user
在带有express req.session的node.js中,在我的require()模块中未定义
[英]in node.js with express req.session is undefined inside my require() module
如何将express-session req.session.user附加到chai-http请求?
[英]How to attach express-session req.session.user to chai-http request?
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.
相关问题
通过AngularJS未定义req.session.user
next.js iron-session req.session.user 未定义
Node.js请求会话,用于存储用户信息
是在node.js服务器范围内的全局变量,还是仅针对该会话或用户的全局变量
在带有express req.session的node.js中,在我的require()模块中未定义
如何将express-session req.session.user附加到chai-http请求?
为什么不要求用node.js设置req.session
Node.js req.session变量未定义
Node.JS与req.session.variable异步?
Node.js:无法存储req.session作为参考
相关标签