socket.io并表达4个会话 [英] socket.io and express 4 sessions
问题描述
我是一个新的Node,我有一些麻烦实现这个功能。
我发现一个npm模块,允许访问快速4会话: https://www.npmjs.org/package/session.socket.io- express4 或 https://github.com/eiriklv/session.socket.io
如果你看下我的app.js代码,我在会话中做错了
, sessionStore
或 cookieParser
安装程序,因为我无法使此模块正常工作。
// init modules
var express = require('express');
var helmet = require('helmet');
var fs = require('fs');
var path = require('path');
var favicon = require('static-favicon');
var logger = require('morgan');
var cookieParser = require('cookie-parser');
var bodyParser = require('body-parser');
var session = require('express-session');
var memoryStore = session.MemoryStore;
var app = express();
//设置变量
var options = {
key:fs.readFileSync('./ openssl_keys / server_key.pem'),
cert:fs.readFileSync ('./openssl_keys/server_cert.pem')
};
var cookieSecret =secret phrase;
var sessionStore = new memoryStore();
app.set('env',process.env.NODE_ENV ||'development');
//查看引擎设置
app.set('views',path.join(__ dirname,'views'));
app.set('view engine','ejs');
app.use(favicon());
app.use(logger('dev'));
app.use(bodyParser.json());
app.use(bodyParser.urlencoded());
app.use(cookieParser(cookieSecret));
app.use(session({
secret:cookieSecret,
cookie:{httpOnly:true,secure:true},
store:sessionStore
}));
app.use(function(req,res,next){
res.locals.session = req.session;
next();
});
app.use(express.static(path.join(__ dirname,'public')));
//路由
require('./ routes / index')(app);
require('./ routes / test')(app);
//启动http和https服务器
var http = require('http')。createServer(app).listen(8000,function(){
console.log(http server listen on port 8000);
});
var https = require('https')。createServer(options,app).listen(8080,function(){
console.log(https server listening on port 8080);
});
//启动socket.io&会话处理程序
var serverIO = require('socket.io')。listen(https);
var SessionSockets = require('session.socket.io-express4');
var io = new SessionSockets(serverIO,sessionStore,cookieParser);
io.on('connection',function(err,socket,session){
if(err)throw err;
console.log(connected);
//console.log(session);
socket.on('clientMessage',function(content){
console.log(received client message)
console.log (内容);
});
});
module.exports = app;
我尝试过多种可能性,如:
- 禁用
https
服务器。 - 设置一个
cookieParser
具有秘密短语的对象(因此实际将秘密短语导出为io = new SessionSockets(serverIO,sessionStore,cookieParser);
) - 使用最小的
cookie
选项。
无论如何我是
更新
好的,所以经过无数尝试,我想我可以得到它的工作!
问题是cookieParser初始化,正确的方式似乎是:
var cookieParser = require('cookie-parser');
app.use(cookieParser());
app.use(session({
secret:secret phrase,
cookie:{httpOnly:true,secure:true},
store:sessionStore
} ));
var io = new SessionSockets(serverIO,sessionStore,cookieParser());请注意,如果我使用 var io = new SessionSockets(serverIO,sessionStore,
< cookieParser); (而不是 cookieParser()
)然后它不工作。
如果我使用:
app.use(cookieParser(secret phrase));
app.use(session({
secret:secret phrase,
cookie:{httpOnly:true,secure:true},
store:sessionStore
} ));
var io = new SessionSockets(serverIO,sessionStore,cookieParser(secret phrase));
然后模块崩溃并显示以下错误消息:
session.socket.io-express4 / session.socket.io.js:41
ake.signedCookies [key] = handshake.signedCookies [key] .match (。*):/ \ ./)POP();
^
TypeError:不能调用方法'pop'为null
但是我使用:
app.use(cookieParser(secret phrase));
app.use(session({
secret:secret phrase,
cookie:{httpOnly:true,secure:true},
store:sessionStore
} ));
var io = new SessionSockets(serverIO,sessionStore,cookieParser());
然后一切都很好。
在Cookie解析器文档中( https://github.com/expressjs/cookie-parser )这是说你可以通过一个密钥来获得cookies的签名。这是我想要的东西。
有人可以向我解释与Cookie解析器秘密短语和会话秘密短语的关系吗?
这是以下环境的解决方案:
- express 4.2.0
- socket.io 1.1.0
- cookie-parser 1.0.1
- cookie-session 1.0.2
代码:
var cookieParser = require('cookie-parser')();
var session = require('cookie-session')({secret:'secret'};
...
app.use(cookieParser);
app.use(session);
...
io.use(function(socket,next){
var req = socket。握手;
var res = {};
cookieParser(req,res,function(err){
if(err)return next(err);
session(req,res ,下一个);
});
});
然后你可以从套接字握手访问会话:
io.on('connection',function(socket){
console .log(Session:,socket.handshake.session);
});
为了让人想知道如何/为什么这样工作:
- 我们发送
握手
请求通过cookie解析器,以便cookie可用 - 然后,我们通过会话中间件发送
握手
,就好像它正常的请求 - 中间件附加
会话
请求 - 我们使用
handshake
,因为所有意图和目的,这是一个正常的请求,解析器和会话中间件可以正确处理。这就是为什么你必须通过握手访问
会话
I would like to access the express 4 session in my socket.io app. I'm kind of new with Node and I have some troubles implementing this functionality.
I found a npm module that allows access to the express 4 session : https://www.npmjs.org/package/session.socket.io-express4 or https://github.com/eiriklv/session.socket.io
If you look at my app.js code below, I'm doing something wrong in the session
, sessionStore
or cookieParser
setup because I just can't get this module working.
// init modules
var express = require('express');
var helmet = require('helmet');
var fs = require('fs');
var path = require('path');
var favicon = require('static-favicon');
var logger = require('morgan');
var cookieParser = require('cookie-parser');
var bodyParser = require('body-parser');
var session = require('express-session');
var memoryStore = session.MemoryStore;
var app = express();
// set variables
var options = {
key: fs.readFileSync('./openssl_keys/server_key.pem'),
cert: fs.readFileSync('./openssl_keys/server_cert.pem')
};
var cookieSecret = "secret phrase";
var sessionStore = new memoryStore();
app.set('env', process.env.NODE_ENV || 'development');
// view engine setup
app.set('views', path.join(__dirname, 'views'));
app.set('view engine', 'ejs');
app.use(favicon());
app.use(logger('dev'));
app.use(bodyParser.json());
app.use(bodyParser.urlencoded());
app.use(cookieParser(cookieSecret));
app.use(session({
secret: cookieSecret,
cookie: {httpOnly: true, secure: true},
store: sessionStore
}));
app.use(function(req, res, next){
res.locals.session = req.session;
next();
});
app.use(express.static(path.join(__dirname, 'public')));
//routes
require('./routes/index')(app);
require('./routes/test')(app);
// starting http and https servers
var http = require('http').createServer(app).listen(8000, function(){
console.log("http server listening on port 8000");
});
var https = require('https').createServer(options, app).listen(8080, function(){
console.log("https server listening on port 8080");
});
// starting socket.io & session handler
var serverIO = require('socket.io').listen(https);
var SessionSockets = require('session.socket.io-express4');
var io = new SessionSockets(serverIO, sessionStore, cookieParser);
io.on('connection', function(err, socket, session){
if(err) throw err;
console.log("connected");
//console.log(session);
socket.on('clientMessage', function(content) {
console.log("received client message")
console.log(content);
});
});
module.exports = app;
I tried multiples possibilities like :
- Disabling
https
server. - Setting up a
cookieParser
object with secret phrase (so it "actually" exports the secret phrase toio = new SessionSockets(serverIO, sessionStore, cookieParser);
) - Using minimal
cookie
options.
Anyway I'm a bit lost with this, any suggestions/critics are welcome.
UPDATE
Ok so after numerous tries I think I could get it work!
The problem is with the cookieParser initialization which the correct way seems to be :
var cookieParser = require('cookie-parser');
app.use(cookieParser());
app.use(session({
secret: "secret phrase",
cookie: {httpOnly: true, secure: true},
store: sessionStore
}));
var io = new SessionSockets(serverIO, sessionStore, cookieParser());
Notice that if I use var io = new SessionSockets(serverIO, sessionStore, cookieParser);
(instead of cookieParser()
) then it ain't working. That seems to be the problem.
If I use :
app.use(cookieParser("secret phrase"));
app.use(session({
secret: "secret phrase",
cookie: {httpOnly: true, secure: true},
store: sessionStore
}));
var io = new SessionSockets(serverIO, sessionStore, cookieParser("secret phrase"));
then the module crashes with the following error message :
session.socket.io-express4/session.socket.io.js:41
ake.signedCookies[key] = handshake.signedCookies[key].match(/\:(.*)\./).pop();
^
TypeError: Cannot call method 'pop' of null
But if I use :
app.use(cookieParser("secret phrase"));
app.use(session({
secret: "secret phrase",
cookie: {httpOnly: true, secure: true},
store: sessionStore
}));
var io = new SessionSockets(serverIO, sessionStore, cookieParser());
Then everything looks fine.
Now in the cookie-parser doc (https://github.com/expressjs/cookie-parser) it's saying you can pass a secret key to get the cookies signed. Which is something I'd like to have.
Could someone explain me the relation with the cookie-parser secret phrase and the session secret phrase ? Do they have to be the same/different ?
Here's my solution for the following environment:
- express 4.2.0
- socket.io 1.1.0
- cookie-parser 1.0.1
- cookie-session 1.0.2
Code:
var cookieParser = require('cookie-parser')();
var session = require('cookie-session')({ secret: 'secret' };
...
app.use(cookieParser);
app.use(session);
...
io.use(function(socket, next) {
var req = socket.handshake;
var res = {};
cookieParser(req, res, function(err) {
if (err) return next(err);
session(req, res, next);
});
});
Then you can access the session from the socket's handshake:
io.on('connection', function (socket) {
console.log("Session: ", socket.handshake.session);
});
For people wondering how/why this works:
- We send the
handshake
request through the cookie parser so that cookies are available - Then we send the
handshake
through session middleware as if its a normal request - The middleware attaches
session
to the request - We use
handshake
because for all intents and purposes, it is a normal request, and the parser and session middleware can deal with it properly. This is why you must access thesession
through thehandshake
这篇关于socket.io并表达4个会话的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!