具有Express Backend&的React App表达会议 [英] React App with Express Backend & express-session
问题描述
我目前有一个React App(通过 create-react-app
)和一个用于我的API调用的Express服务器.它们都分别运行,并且在我遇到此问题之前一直运行良好:
I currently have a React App (via create-react-app
) and an Express server for my API calls. They are both running separately and have been working fine until I ran into this problem:
我还使用 express-session
和 passport
进行用户身份验证.我可以对用户进行身份验证,但会话不会在API调用之间持续存在.如果我成功登录,则下次我进行API调用时, req.sessionID
将不同,并且 req.isAuthenticated()
将返回 false
.
I'm also using express-session
and passport
for user authentication. I'm able to authenticate users but the session doesn't persist between API calls. If I successfully login, the next time I make an API call, req.sessionID
will be different, and req.isAuthenticated()
will return false
.
这是我的服务器代码:
'use strict'
var express = require('express');
var path = require('path');
var bodyParser = require('body-parser');
var cookieParser = require('cookie-parser');
var mongoose = require('mongoose');
var passport = require('passport');
var session = require('express-session');
var cors = require('cors');
var flash = require('connect-flash');
var store = require('./store');
var database = require('./database');
var app = express();
var port = process.env.port || 3001;
var router = express.Router();
var promise = mongoose.connect('mongodb://localhost:27017/lifeless-db', {useMongoClient: true});
//app.use(cors());
app.use(bodyParser.urlencoded({ extended: true }));
app.use(bodyParser.json());
app.use(cookieParser('lifeless-secret-01890'));
app.use(session({
secret: 'lifeless-secret-01890',
saveUninitialized: true,
cookie: {
secure: false,
}
}));
app.use(flash());
app.use(passport.initialize());
app.use(passport.session());
// Initialize Passport
var authinit = require('./auth/init');
authinit(passport);
// For debugging:
app.use(function(req, res, next) {
console.log("SessionID: " + req.sessionID);
console.log(req.isAuthenticated() ? "This user is logged in" : "This user is NOT logged in");
next();
});
// GET
app.get('/items', function(req, res) {
store.getAllItems((items) => {
if(!items) return res.send({error: true, message: 'Error loading store :/', items: null});
else return res.send({error: false, message: 'Success', items: items});
});
});
app.get('/login', function(req, res) {
console.log(req.flash());
console.log("Login fail");
res.send({error: true, message: 'Unknown error'});
});
// POST
app.post('/message', function(req, res) {
database.submitMessage(req.body.email, req.body.message, (success) => {
if (success) return res.send({error: false, message: 'Success'});
else return res.send({error: true, message: 'Error sending message'});
});
});
app.post('/login', passport.authenticate('local', {failureRedirect: '/login', failureFlash: true}), function(req, res) {
console.log(req.flash());
console.log("Login success");
return res.send({error: false, message: 'Success'});
});
// SERVER
app.listen(port, function(){
console.log('Server started.');
console.log('Listening on port ' + port);
});
这是一个从React App调用API的示例(使用 axios
):
And here is an example of an API call from the React App (using axios
):
login(e) {
e.preventDefault();
axios({
method: 'post',
url: 'http://localhost:3001/login',
data: {
username: this.state.username,
password: this.state.password,
}
})
.then((response) => {
console.log(response.data);
if (response.data.error) {
this.setState({error: true, errmessage: response.data.message});
} else {
this.setState({redirect: true});
}
})
.catch((error) => {
this.setState({error: true, errmessage: 'Error logging in'});
});
}
我认为必须有某种方法可以让React以某种方式存储会话(?),但是我对React还是很陌生,并且并不真正知道如何在快速后端使用它.
I figure there must be some way to have React store the session somehow (?) but I'm fairly new to React and don't really know how to use it with an express backend.
推荐答案
您来自React客户端的axios请求需要与凭据一起发送.要解决此问题,请在您的计算机上执行 axios.defaults.withCredentials = true;
或执行 axios.get('url',{withCredentials:true})...
expressjs后端,设置cors选项凭据:true
Your axios request from your React client needs to be sent withCredentials. To fix it, either do axios.defaults.withCredentials = true;
or do axios.get('url', {withCredentials: true})...
Also in your expressjs backend, set cors options credentials: true
这篇关于具有Express Backend&的React App表达会议的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!