了解如何使用NodeJS创建一个简单的后端 [英] Understanding how to use NodeJS to create a simple backend

问题描述

我一直在尝试在nodejs中开发一个相当简单的服务器。基本上，我要的是一个需要身份验证的简单API（简单的用户名/密码样式）。我所做的不需要的是任何类型的前端功能（模板等）。我的问题是，我似乎无法理解快递/节点的方法。


具体来说，我的问题是：

I have been trying to develop a rather simple server in nodejs. Basically, what I am going for is a simple API that requires authentication (simple username/password style). What I do not need is any kind of frontend functionality (templating etc.). My problem is, I can't seem to get my head around the approach of express/node.

Specifically, my questions are:

• 如何连接身份验证？我是否将几个处理程序传递到需要身份验证的每个路由中，或者是否有更优雅的方法来执行此操作？


• Express中间件如何（如 app.use （express.bodyParser（）））工作？它们是否会更改请求或响应对象的内容？具体来说，如果我使用主体解析器（内部强大？），我在哪里可以访问应该解析的请求数据？


• 使用身份验证时，我有，例如，存储的凭据一个数据库，其中包含有关各个客户端关联的更多信息，我在何时提取该信息？即，当用户登录时，我是否在登录时获取用户记录并将其传递，或者我是否在每个需要该信息的处理程序中获取它？


• 最终，你知道吗？我可以看看一个开源应用程序？我希望看到一些具有简单身份验证的东西，甚至可能使用强大的东西，因为上传文件是我的要求之一。

• How do I wire in the authentication? Do I pass several handlers into every route that requires authentication, or is there a more elegant way to do this?
• How does the Express middleware (like app.use(express.bodyParser())) work? Do they alter contents of the request or response object? Specifically, if I use the body parser (internally formidable?), where do I access the request data this is supposed to parse?
• When using authentication and I have, say, credentials stored in a database with more information about the individual client associated, at what point do I extract that information? I.e., when a user logs in, do I fetch the user record on login and pass it on, or do I fetch it in every handler that requires the information?
• Ultimately, do you know of an open source application that I could take a look at? I'd like to see something that has simple authentication and maybe even utilizes formidable, since uploading a file is one of my requirements.

正如我之前提到的，我相信我的问题最终是节点中面向函数的方法的一个难点（同样，我在Web服务编程方面的经验相当有限）。如果您知道我可以阅读有关如何构建nodejs应用程序的资源，请不要犹豫，请指点我。

As I mentioned earlier, I believe my problem is ultimately a difficulty with the function-oriented approach in node (also, I have rather limited experience in webservice programming). If you know a resource where I could read up on how to approach architecting a nodejs app, please don't hesitate to point me to it.

推荐答案

如何连接身份验证？我是否需要在每条需要身份验证的路由中将多个处理程序传递给
，或者是否有更优雅的
方式来执行此操作？

How do I wire in the authentication? Do I pass several handlers into every route that requires authentication, or is there a more elegant way to do this?

您应该使用会话中间件。这是一些伪代码：

You should use the session middleware. Here is some pseudo code:

var http = require('http');
var app = express();

var authorize = function(req, res, next) {
    if(req.session && req.session.appname && req.session.appname === true) {
        // redirect to login page
        return;
    }
    next();
}

app.use(express.session());
app.all('/admin*', authorize, function(req, res, next) {

});

Express中间件如何（如app.use（express.bodyParser） （）））
工作？它们是否会改变请求或响应对象的内容？
具体来说，如果我使用身体解析器（内部强大？），我在哪里
访问应该解析的请求数据？

How does the Express middleware (like app.use(express.bodyParser())) work? Do they alter contents of the request or response object? Specifically, if I use the body parser (internally formidable?), where do I access the request data this is supposed to parse?

每个中间件都可以访问请求和响应对象。所以，是的，它会修改它。通常会将属性附加到它。这意味着你的处理程序（也是一个中间件）你可以写：

Every middleware have an access to the request and response object. So, yes, it modifies it. Normally attach properties to it. This means that inside your handler (which is also a middleware) you may write:

if(req.body && req.body.formsubmitted && req.body.formsubmitted === 'yes') {
    var data = {
        title: req.body.title,
        text: req.body.text,
        type: req.body.type
    }
    // store the data
}

使用身份验证时，我有一个存储在
数据库中的凭据，其中包含有关各个客户端关联的更多信息，
我在什么时候提取这些信息？即，当用户记录
时，我是否在登录时获取用户记录并将其传递，或者我是否在每个需要该信息的处理程序中获取
？

When using authentication and I have, say, credentials stored in a database with more information about the individual client associated, at what point do I extract that information? I.e., when a user logs in, do I fetch the user record on login and pass it on, or do I fetch it in every handler that requires the information?

我认为你应该采用与任何其他服务器端语言相同的方式。保持用户的状态（已记录/未记录）在会话中。您也可以保留用户的ID并为他提取任何您需要的数据。这取决于您的情况，但您可以缓存信息。因为节点不像PHP那样，我的意思是它不会死。

I think that you should do the things the same way as in any other server side language. Keep the state of the user (logged/not-logged) inside a session. You may also keep the user's id and fetch the data for him whatever you need. It depends of your case, but you have the ability to cache information. Because node is not like PHP for example, I mean it's not dieing.

最后，你知道一个我可以看看的开源应用吗？我希望看到一些简单的
身份验证，甚至可能使用强大的东西，因为上传
文件是我的要求之一。

Ultimately, do you know of an open source application that I could take a look at? I'd like to see something that has simple authentication and maybe even utilizes formidable, since uploading a file is one of my requirements.

是的。我写了一篇关于真正简单的MVC网站和管理面板的文章。它可以这里。它的代码是这里。

Yep. I wrote an article about really simple MVC web site with admin panel. It is available here. And the code of it is here.

这篇关于了解如何使用NodeJS创建一个简单的后端的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！