[英]express and socket.io authentication — how do I retrieve the cookie/session info?
前言:我是node.js,express,socket.io等所有的新手。 我意識到我的代碼有點混亂,需要將其分離為模塊等,但是我還沒有這樣做,因為我試圖首先使身份驗證部分起作用。 我已經搜索了整個stackoverflow和其他站點。 我找到了一些很有前途的例子,但我只是無法使其發揮作用。
我遵循了一些教程來創建我的Express應用程序,該應用程序允許用戶注冊,登錄和查看其詳細信息。 我還遵循了一個教程,該教程幫助我進行了基本的socket.io聊天。 我想做的是將它們結合起來並讓用戶登錄,然后將其重定向到聊天應用程序。 我的問題是,當我重定向它們時,我無法在socket.io方面知道“它們是誰”。 目前,我已經設置好它,因此您必須輸入您的名字才能聊天-我希望它從會話中獲取信息並改用它。
當前,當用戶登錄時,它會設置一個cookie(我可以在控制台中查看它)。 所以我知道餅干在那里。 還將信息設置到MongoStore中。 我已經使用db.collection.find()進行了驗證。
這是我到目前為止的代碼。 如果有任何專家可以幫助我找到一種將會話信息傳遞給socket.io的方法,我將非常感激!
var mongo = require('mongodb').MongoClient;
var bodyParser = require('body-parser');
var bcrypt = require('bcryptjs');
var csrf = require('csurf');
var path = require ('path');
var express = require('express');
var mongoose = require('mongoose');
var uniqueValidator = require('mongoose-unique-validator');
var session = require('express-session');
var moment = require('moment');
var now = moment().format('L');
var http = require('http');
var MongoStore = require('connect-mongo')(session);
var Schema = mongoose.Schema;
var ObjectId = Schema.ObjectId;
UserSchema = new Schema({
//id: ObjectId,
firstName: String,
lastName: String,
username: {
type: String,
unique: true,
uniqueCaseInsensitive:true
},
password: String,
email: {
type:String,
unique: true,
uniqueCaseInsensitive:true
},
accountType: String,
accountStatus: String,
acctActivation:{
type:String,
unique:true
},
joinDate: String
});
UserSchema.plugin(uniqueValidator,{ message: 'Error, {PATH} {VALUE} has already been registered.\r' });
var User = mongoose.model('User', UserSchema);
var app = express();
app.engine('ejs', require('ejs').renderFile);
app.locals.pretty = true;
//connect to mongo
mongoose.connect('mongodb://localhost/myUserDb');
//create server
var server = http.createServer(app).listen(3000);
var client = require('socket.io')(server);
console.log('listening on port 3000');
//middleware
app.use(express.static('public'));
app.use(bodyParser.urlencoded({extended:true}));
app.use(session({
secret: 'mysecret!',
resave:false,
saveUninitialized: false,
stringify:true,
store: new MongoStore({
url: 'mongodb://127.0.0.1/sid2'
})
}));
app.use(csrf());
app.use(function(req,res,next){ // check to see if user already has a session, if so, query mongodb and update the user object
if(req.session && req.session.user){
User.findOne({email: req.session.user.email}, function(err, user){
if(user){
req.user = user;
delete req.user.password; // remove password field from session
req.session.user = req.user;
res.locals.user = req.user;
}
next();
});
}else{
next();
}
});
function requireLogin(req,res,next){ // check to see if user is logged in, if not, boot em
if(!req.user){
res.redirect('/login');
}else{
next();
}
};
function requireAdmin(req,res,next){ // check to see if accountType = Developer (or admin later) - if not, send them to dashboard
if(req.user.accountType !== 'Developer'){
res.redirect('/dashboard');
}else{
next();
}
};
app.get('/', function(req, res){
if(req.user){
res.render('dashboard.ejs');
}else{
res.render('index.ejs');
}
});
app.get('/register', function(req,res){
res.render('register.ejs', {csrfToken: req.csrfToken(),
error:false});
});
app.post('/register', function(req,res){
var hash = bcrypt.hashSync(req.body.password, bcrypt.genSaltSync(10));
var user = new User({
firstName: req.body.firstName,
lastName: req.body.lastName,
username: req.body.username,
password: hash,
email: req.body.email,
accountType: 'Standard',
accountStatus: 'Active',
joinDate: now
});
user.save(function(err){
if(err){
console.log(err);
res.render('register.ejs', {csrfToken: req.csrfToken(),
error: err});
}else{
req.session.user = user;
res.redirect('/dashboard');
}
});
});
app.get('/login', function(req,res){
res.render('login.ejs', {
csrfToken: req.csrfToken(),error:false});
});
app.post('/login', function(req, res){
User.findOne({username: {$regex: new RegExp('^' + req.body.username, 'i')}}, function(err, user){
if(!user){
res.render('login.ejs', {error: 'Invalid username or password combination.',
csrfToken: req.csrfToken()});
}else{
if(bcrypt.compareSync(req.body.password, user.password)){
req.session.user = user;
res.redirect('/chat');
}else{
res.render('login.ejs', {error: 'Invalid username or password combination.',
csrfToken: req.csrfToken()});
}
}
});
});
app.get('/dashboard', requireLogin, function(req,res){
res.render('dashboard.ejs');
});
app.get('/chat', requireLogin, function(req,res){
res.render('chat.ejs');
});
app.get('/admin', requireLogin, requireAdmin, function(req,res){ //required logged in AND admin status
// var userlist = User.find({});
User.find({},{},function(err,docs){
res.render('admin.ejs',{ "userlist": docs
});
}) ;
// res.render('admin.ejs');
});
app.get('/logout', function(req,res){
req.session.reset();
res.redirect('/');
});
mongo.connect('mongodb://127.0.0.1/chat', function(err,db){
if(err) throw err;
client.on('connection', function(socket){
var col = db.collection('messages');
sendStatus = function(s){
socket.emit('status', s);
};
//emit all messages (shows old room data)
col.find().limit(100).sort({_id: 1}).toArray(function(err, res){
if(err) throw err;
socket.emit('output',res);
});
//wait for input
socket.on('input', function(data){
var name = data.name,
message = data.message,
whitespacePattern = /^\s*$/;
if(whitespacePattern.test(name) || whitespacePattern.test(message)){
sendStatus('Name and message is required.');
}else{
col.insert({name: name, message: message}, function(){
//emit latest message to all clients
client.emit('output', [data]);
sendStatus({
message: "Message sent",
clear: true
});
});
}
});
});
});
好的,我終於弄清楚了。 我使用express-session設置cookie,然后使用一個名為express-socket.io-session的模塊將其傳遞給socket.io。
從那里,我可以使用:
var data = socket.handshake.session; console.log(data.user.username);
檢索我需要的值。 所有這些天的搜索,這是一個非常簡單的解決方案。 我想我只需要睡覺!
如何在NodeJS上的socket.io中訪問cookie會話中間件?
[英]How do I access cookie-session middleware in socket.io on NodeJS?
節點:如何在快速會話中存儲數據,以便可以從socket.io訪問數據?
[英]Node: How do I store data in an express session, so that I can access it from socket.io?
[Express][Nodejs] 如何在 socket.io 連接期間解密 express-session cookie?
[英][Express][Nodejs] How to decrypt express-session cookie during socket.io connection?
如何在單頁面應用程序中使Express和Socket.io之間的會話變量保持同步?
[英]How do I keep session variables in sync between Express and Socket.io in a single page app?
如何在socket.io授權過程中讀取Express Cookie?
[英]How to read express cookie in socket.io authorization process?
Socket.IO 和 Express session 不共享他們的 session
[英]Socket.IO and Express session not sharing their session
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.