带有路由器的 expressjs 中的会话处理 [英] session handling in expressjs with router

问题描述

我正在使用 expressJS，我对会话有点困惑.我有 1 个单一的 expressJS 服务器，可以从不同的 URL 访问.根据连接来自何处(打开哪个 URL)，使用不同的数据库来提供响应.我可以看到会话是冲突的.

I'm using expressJS, and I'm a bit confused about sessions. I have 1 single expressJS server, which is reachable from different URLs. Depending on where the connection is coming frmo (which URL is opened), a different database is used to provide the responses. And I can see that the sessions are conflicting.

我的假设是我应该根据请求的 URL 设置不同的 cookie 名称，但似乎我无法在会话配置中指定一个函数.

My assumption is that I should be setting different cookie names, based on the URL of the request, but it seems I can't specify a function within the session config.

有什么想法吗?

var app = express();
var session = require('express-session');

var router = express.Router();

app.use('/a_route', router);
app.use('/b_route', router);

router.use(session({
    genid: function(req) {
    return require('crypto').randomBytes(48).toString('hex'); // use UUIDs for session IDs
    },
    secret: 'JollynakAjollynakAjollynakApamPam',
    resave: false,
    saveUninitialized: false,
    name: **THIS SHOULD BE DYNAMIC BASED ON URL???**
}));

编辑

//declare session variable
var sess ="";


router.post('/login', function (req, res, next) {

    sess = req.session;

    var uname = req.body.username;
    var pwd = req.body.password;
    var authResult = null;

    sess.username = uname;
    sess.instance = req.baseUrl.replace('/', '');
})

以及一个 AJAX 调用示例

And an example AJAX call

router.get('/getSomething', function (req, res) {

    service.getCaps(sess.instance, function (response) {
        res.send(JSON.stringify(response));
    });
});

推荐答案

您的 cookie 不一定与您的数据库相关联.您的所有路由共享一个 cookie 存储.名称"指的是您的会话 cookie 的名称，这适用于您的所有路由(这就是 express-session 是 app.use 中调用的中间件的原因).一般来说，每个 express 应用程序只有一个会话.如果你真的想用多个会话存储来区分这些，你需要创建多个 express 应用来处理你的路由.

Your cookies aren't necessarily tied to your databases. All of your routes share one cookie store. "Name" refers to the name of your session cookie and this applies to all of your routes (that's why express-session is middleware called in app.use). In general you will only have one session per express app. If you really want to distinguish these with multiple session stores, you'll want to create multiple express apps to handle your routes.

在您的情况下，您似乎真的应该使用两个完全不同的路由器和两个完全独立的 URL 集.您将有一些重复的代码，但由于您正在处理两个不同的数据库、两个不同的会话"和两个不同的 URL，因此将它们分开是有意义的.然后，您可以为每个路由设置唯一的会话变量(例如 req.session.aLogin 和 req.session.bLogin)；

In your situation, it looks like you should really be using two entirely different routers with two entirely separate sets of URLS. You'll have some duplicate code, but since you're dealing with two separate databases, two different "sessions", and two different URLs it makes sense to separate them. Then you can have unique session variables for each route (e.g. req.session.aLogin and req.session.bLogin);

var routerA = express.Router();
var routerB = express.Router();

app.use('/a_route', routerA);
app.use('/b_route', routerB);

另一种方法是在路由中处理不同的会话变量.

Another approach is just to juggle separate session variables within your routes.

router.post('/login', function (req, res) {
   req.session[req.baseUrl + 'auth'] = true;
});

router.get('/something', function (req, res) {
   if (req.session[req.baseUrl + 'auth'] { //User is authenticated for this particular database
       //Rest of your code
   }
});

这篇关于带有路由器的 expressjs 中的会话处理的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！