如何获取currentUser的sessionToken? [英] How to get the sessionToken for currentUser?
问题描述
我在heroku上托管的Web应用程序上工作.作为数据库,我尝试使用back4app.借助 back4app文档,我已经实现了登录.两天后,我试图让该会话可以使用.
I work on a web app hosted on heroku. As database I try to use back4app. With help of the back4app documention I have realized the log in. Since two days I try to get the session to work with it.
因此,我读了很多博客,文章,当然还有解析文档.但是我无法使其正常工作.希望您能找到我的问题.以下代码是我最近的尝试:
Therefore I have read a lot of blogs, articels and of course the parse documentation. But I'm not able to get it to work. I hope, you will find my problem. Following code is my lastest attempt:
const express = require('express');
const server = express();
const path = require('path');
const bodyParser = require('body-parser');
const port = process.env.PORT || 8080;
const back4app = require('parse/node');
back4app.initialize("xxx","yyy");
back4app.serverURL = 'https://parseapi.back4app.com/';
server.use(express.static('web'));
server.use(bodyParser.json());
server.get('/lgn', (req, resp) => {
console.log("server.get('/lgn',...");
resp.sendFile(path.join(__dirname + '/web/login.html'));
});
server.post('/lgn', (req, resp) => {
const data = req.body;
console.log("server.post('/lgn',...");
if(data.email != undefined){
console.log(data.email);
resetPassword(data);
} else{
logIn(data, function(err, user){
console.log(user.get("sessionToken"));
//How to get the user object in other routes?
console.log('session');
back4app.User.enableUnsafeCurrentUser(); //is this a secure solution?
back4app.User.currentAsync().then(function(userObj) {
console.dir(userObj.get("sessionToken"));
});
if(user){
resp.send( JSON.stringify( {url: '/'}) );
} else{
console.log(err);
}
});
}
});
function logIn(data, cb) {
// Create a new instance of the user class
var user = back4app.User
.logIn(data.username, data.password)
.then(function(user) {
console.log('User successful logged in with name: ' + user.get("username"));
cb(null, user);
})
.catch(function(error){
console.log("Error: " + error.code + " " + error.message);
cb(error);
});
}
server.listen(port, (err) => {
if (err) {
return console.log('something bad happened', err)
}
console.log(`server is listening on ${port}`)
});
userObj为空.但为什么?我该怎么做,才能在其他路线上获得currentUser和他的会话?
The userObj is null. But why? What I have to do, that I get the currentUser and his session in other routes?
(我也尝试过使用back4app.Session,但没有得到我想要的东西.)
(I have also tryed to work with back4app.Session, but didn't get, what I want.)
推荐答案
在Node.js应用中使用 currentUser 方法是不安全的.
It is unsafe to use the currentUser methods in a Node.js app.
代替:
logIn(data, function(err, user){
console.log(user.get("sessionToken"));
//How to get the user object in other routes?
console.log('session');
back4app.User.enableUnsafeCurrentUser(); //is this a secure solution?
back4app.User.currentAsync().then(function(userObj) {
console.dir(userObj.get("sessionToken"));
});
if(user){
resp.send( JSON.stringify( {url: '/'}) );
} else{
console.log(err);
}
});
使用:
logIn(data, function(err, user){
// This is your session token. You will have to send it back to your client. The client should store it and send it to the server in the other routes.
const sessionToken = user.get("sessionToken");
console.log(sessionToken);
//How to get the user object in other routes?
//In order to get the user in other routes you will have to use the sessionToken like this:
back4app.User.me({ sessionToken }).then(function(userObj) {
console.dir(userObj.get("sessionToken"));
});
if(user){
resp.send( JSON.stringify( {url: '/'}) );
} else{
console.log(err);
}
});
这篇关于如何获取currentUser的sessionToken?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
