[英]Cannot delete or replace cookies with nodejs/
我在移除或更换使用登录路径设置的 cookies 时遇到困难。 每当我登录时,cookies 设置正确,但是当我点击注销时,我似乎无法更换 cookies。 我试过res.clearCookies
也不管用。 我真的不确定出了什么问题。
这是我的主要应用程序文件
app.use(cookieParser());
app.use(express.json());
app.use(express.urlencoded({ extended: true }));
app.use((req: Request, res: Response, next: NextFunction) => {
res.setHeader("Access-Control-Allow-Origin", "http://localhost:4200");
res.setHeader("Access-Control-Allow-Credentials", "true");
res.setHeader(
"Access-Control-Allow-Methods",
"GET, POST, PUT, PATCH, DELETE"
);
res.setHeader("Access-Control-Allow-Headers", "Content-Type, Authorization");
next();
});
我有一个看起来像这样的登录代码片段,
export const login = (req: Request, res: Response, next: NextFunction) => {
const email = req.body.email;
const password = req.body.password;
db.getDB()
.db()
.collection("users")
.findOne<User>({ email: email })
.then((user) => {
if (!user) {
return res.status(400).json({ message: "Email is not registered!" });
}
bcrypt.compare(password, user.password).then((correctPassword) => {
if (correctPassword) {
const userInfo = {
userRef: user.userRef,
role: user.role,
};
const accessToken = generateAccessToken(userInfo);
const refreshToken = jwt.sign(userInfo, REFRESH_TOKEN, {
expiresIn: "6h",
});
res.cookie("Refresh Token", refreshToken, {
httpOnly: true,
sameSite: "strict",
path: "/",
});
res.cookie("Access Token", accessToken, {
httpOnly: true,
sameSite: "strict",
path: "/",
});
res.status(200).json({ message: "Cookies have been set!" });
} else {
res.status(401).json({ message: "Password is wrong!" });
}
});
})
.catch((err) => next(err));
};
和一个看起来像这样的注销片段
export const logout = (req: Request, res: Response, next: NextFunction) => {
res.cookie("Refresh Token", "x", {
httpOnly: true,
sameSite: "strict",
path: "/",
expires: new Date(1),
});
res.cookie("Access Token", "a", {
httpOnly: true,
sameSite: "strict",
path: "/",
expires: new Date(1),
});
res.status(200).json({ message: "Logged out succesfully." });
};
我没有使用res.clearCookies()
,而是发现res.clearCookie('Access Token')
可以清除 cookie。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.