Node.js-中间件中的res.redirect问题 [英] Node.js - Issue with res.redirect in middleware
问题描述
我试图在加载所有页面之前使用authenticateUser()中间件.我没有在每次调用中都包含它(例如在app.get('/',authenticateUser,function()...)中),而是尝试在调用app.use(app.router)之前使用app.use(authenticateUser)进行设置. ).
I'm trying to use a authenticateUser() middleware before loading all of my pages. Instead of including it in each call (as in app.get('/', authenticateUser, function()...)), I tried setting it with app.use(authenticateUser) right before calling app.use(app.router).
但是,这没有用. authenticateUser基本上是:
This didn't work, however. authenticateUser is basically:
if (req.session.loginFailed) {
next()
else {
if (req.session.user_id) {
...
if (userAuthenticated) {
next();
} else {
req.session.loginFailed = true;
console.log('setting loginFailed to true');
res.redirect('/login');
}
}
}
然后在app.get('/login')中将req.session.loginFailed设置为false;
And then in app.get('/login') I set req.session.loginFailed to be false;
这应该可以,但是我只想在我的实际页面之一的app.get()或app.post()等上调用它.我认为它多次调用许多不同的请求(因为加载一页后,多次调用将loginFailed设置为true")
This should work, but I only want to call it on an app.get() or app.post() etc. for one of my actual pages. I think its getting called lots of times for many different requests (because upon loading one page, 'setting loginFailed to true' is called many times)
是否有更好的方法可以做到这一点?还是应该在网站上的每个页面之前简单地调用它?
Is there a better way to do this? Or should I simply be calling it before every page on my site?
推荐答案
我认为您正在进行过多的检查.只有一条路由可以处理用户登录(检查用户名和密码,如果成功,则将用户名存储在会话中),并且应该仅在需要认证的路由(不是全部)上分配认证中间件.
You are doing way too many checks out there in my opinion. Only one route should handle user login (check for user & pass, and store the username in the session if succeeded) and you should assign the auth middleware only on the routes that require auth (not all).
我提供了一个简化的示例,以便您理解我的观点:
I've put up a simplified example so you can understand my point:
登录路径
app.post('/login', function (req, res) {
var variables_set = (req.body.user && req.body.pass);
if (variables_set && (req.body.user === 'username') && (req.body.pass === 'password')) {
req.session.username = req.body.user;
} else {
res.redirect('/login?failed=true');
}
});
身份验证中间件
if (!req.session.username) {
res.redirect('/login');
} else {
next();
}
您可以在Alex Young的Nodepad应用程序中看到一个更完整的示例: https://github.com/alexyoung /nodepad (此处为该应用程序的教程: http://dailyjs.com/tags.html# lmawa )
You can see a more complete example in action in Alex Young's Nodepad application: https://github.com/alexyoung/nodepad (tutorials for that app here: http://dailyjs.com/tags.html#lmawa )
这篇关于Node.js-中间件中的res.redirect问题的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!