登录可以在Chrome和Firefox上使用,但不能在Edge上使用
[英]Login works on Chrome and Firefox but not on Edge
问题描述
我的Node.js本地服务器上有一个Firebase身份验证系统。 我已经设置了登录系统,以便用户使用前端登录。 会发送提取请求并返回会话cookie。 这在chrome和firefox上工作正常,但在Edge上,我在浏览器控制台和服务器控制台上均遇到错误。
我检查了令牌是否实际发送到服务器了。
这是带有firebase和cookie-parser的登录处理程序
/** Session login endpoint. */
app.post("/sessionLogin", function(req, res) {
// Get ID token and CSRF token.
var idToken = req.body.idToken.toString();
var csrfToken = req.body.csrfToken.toString();
// Guard against CSRF attacks.
if (!req.cookies || csrfToken !== req.cookies.csrfToken) {
res.status(401).send("UNAUTHORIZED REQUEST!");
return;
}
// Set session expiration to 5 days.
var expiresIn = 60 * 60 * 24 * 5 * 1000;
// Create the session cookie. This will also verify the ID token in the process.
// The session cookie will have the same claims as the ID token.
// We could also choose to enforce that the ID token auth_time is recent.
admin
.auth()
.verifyIdToken(idToken)
.then(function(decodedClaims) {
// In this case, we are enforcing that the user signed in in the last 5 minutes.
if (new Date().getTime() / 1000 - decodedClaims.auth_time < 5 * 60) {
return admin
.auth()
.createSessionCookie(idToken, { expiresIn: expiresIn });
}
throw new Error("UNAUTHORIZED REQUEST!");
})
.then(function(sessionCookie) {
// Note httpOnly cookie will not be accessible from javascript.
// secure flag should be set to true in production.
console.log(sessionCookie);
var options = {
maxAge: expiresIn,
httpOnly: true,
secure: false /** to test in localhost */
};
res.cookie("session", sessionCookie, options);
res.end(JSON.stringify({ status: "success" }));
})
.catch(function(error) {
res.status(401).send("UNAUTHORIZED REQUEST!");
});
});
这是配置文件获取请求处理程序:
//Get profile endpoint. */
app.get("/profile", function(req, res) {
// Get session cookie.
var sessionCookie = req.cookies.session || "none";
// Get the session cookie and verify it. In this case, we are verifying if the
// Firebase session was revoked, user deleted/disabled, etc.
admin
.auth()
.verifySessionCookie(sessionCookie, true /** check if revoked. */)
.then(function(decodedClaims) {
// Serve content for signed in user.
return serveContentForUser("/profile", req, res, decodedClaims);
})
.catch(function(error) {
console.log("error: ", error);
// Force user to login.
res.redirect("/login");
});
});
前端错误:
HTTP401: DENIED - The requested resource requires user authentication.
(Fetch)POST - http://192.168.1.9/sessionLogin
后端错误
{ Error: Decoding Firebase session cookie failed. Make sure you passed the entire string JWT which represents a session cookie. See https://firebase.google.com/docs/auth/admin/manage-cookies for details on how to retrieve a session cookie.
at FirebaseAuthError.FirebaseError [as constructor] (C:\Users\mendi\Desktop\firebase-auth\node_modules\firebase-admin\lib\utils\error.js:42:28)
at FirebaseAuthError.PrefixedFirebaseError [as constructor] (C:\Users\mendi\Desktop\firebase-auth\node_modules\firebase-admin\lib\utils\error.js:88:28)
at new FirebaseAuthError (C:\Users\mendi\Desktop\firebase-auth\node_modules\firebase-admin\lib\utils\error.js:146:16)
at FirebaseTokenVerifier.verifyJWT (C:\Users\mendi\Desktop\firebase-auth\node_modules\firebase-admin\lib\auth\token-verifier.js:158:35)
at Auth.BaseAuth.verifySessionCookie (C:\Users\mendi\Desktop\firebase-auth\node_modules\firebase-admin\lib\auth\auth.js:318:43)
at C:\Users\mendi\Desktop\firebase-auth\app.js:179:6
at Layer.handle [as handle_request] (C:\Users\mendi\Desktop\firebase-auth\node_modules\express\lib\router\layer.js:95:5)
at next (C:\Users\mendi\Desktop\firebase-auth\node_modules\express\lib\router\route.js:137:13)
at Route.dispatch (C:\Users\mendi\Desktop\firebase-auth\node_modules\express\lib\router\route.js:112:3)
at Layer.handle [as handle_request] (C:\Users\mendi\Desktop\firebase-auth\node_modules\express\lib\router\layer.js:95:5)
errorInfo:
{ code: 'auth/argument-error',
message:
'Decoding Firebase session cookie failed. Make sure you passed the entire string JWT which represents a session cookie. See https://firebase.google.com/docs/auth/admin/manage-cookies for details on how to retrieve a session cookie.' },
codePrefix: 'auth' }
也许这是我的错误,或者是浏览器问题。 但我认为它与我的代码无关。
1 个解决方案
解决方案1
1 已采纳 2019-07-08 15:38:55
我发现Edge 41.16299具有类似的问题,该问题已在最新更新中修复。 因此,我建议您为Windows安装最新的更新,并检查它是否有助于解决问题。 参考: developer.microsoft.com/en-us/microsoft-edge/platform/issues
JavaScript 在 Firefox、Chrome 中不起作用 - 在 IE、Edge 中有效
[英]JavaScript not working in Firefox, Chrome - works in IE, Edge
JavaScript 代码在 Firefox 中有效,但在 Chrome 或 Edge 中无效
[英]JavaScript Code works in Firefox but not in Chrome or Edge
隐藏元素在 Firefox 上立即有效,但在 Chrome/Edge 上无效
[英]Hiding an element works immediately on Firefox but not Chrome/Edge
JavaScript登录按钮在IE中有效,但在Chrome或Firefox中不起作用
[英]JavaScript login button works in IE but not in Chrome or Firefox
mediaElement可在Chrome上运行,但不能在Firefox或Edge上运行(网络音频api / angularJS)
[英]mediaElement works on Chrome but not Firefox or Edge (web audio api / angularJS)
reCAPTCHA 2.0 未出现在 Safari 中(适用于 Edge、Chrome 和 Firefox)
[英]reCAPTCHA 2.0 not appearing in Safari (works in Edge, Chrome, and Firefox)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.
相关问题
jquery 适用于 Firefox、Edge,但不适用于 Chrome
ScrollTop可在Chrome和Edge中使用,但不能在Firefox中使用
js 代码适用于 firefox 但不适用于 chrome 歌剧和边缘
JS 代码适用于 Firefox 但不适用于 Chrome 或 Edge
JavaScript 在 Firefox、Chrome 中不起作用 - 在 IE、Edge 中有效
JavaScript 代码在 Firefox 中有效,但在 Chrome 或 Edge 中无效
隐藏元素在 Firefox 上立即有效,但在 Chrome/Edge 上无效
JavaScript登录按钮在IE中有效,但在Chrome或Firefox中不起作用
mediaElement可在Chrome上运行,但不能在Firefox或Edge上运行(网络音频api / angularJS)
reCAPTCHA 2.0 未出现在 Safari 中(适用于 Edge、Chrome 和 Firefox)
相关标签