根据请求快速会话不同的cookie域? [英] Express session with different cookie domain per request?
问题描述
我有一种情况,可以从多个不同的域访问应用程序。例如, foo.com 和 bar.com 可以在理论上指向我的应用程序。此外,他们的子域名也可以指向我的应用程序,例如 red.foo.com 和 blue.foo.com 。我正在使用Express cookie会话,我的初始化代码如下所示:
I have a situation where an app can be accessed from multiple different domains. For instance, foo.com and bar.com could both in theory point to my app. Additionally, their subdomains can also point to my app, so for instance red.foo.com and blue.foo.com. I'm using Express cookie sessions, and my initialization code for the session looks like that:
app.use(express.session({
secret: "secret",
cookie: {
domain: ".foo.com"
},
store: new MongoStore({
db: db
})
}));
当用户通过 foo.com 或任何它是子域,但是> 将不起作用。我需要同时拥有这两个。理想情况下,我会根据请求将其设置为不同的域,但我不知道该怎么做。我的请求是高度异步的,如果我只是在每个请求下为整个应用程序设置它,我担心这两个呼叫一次进来可能不起作用。
That works well for when users go through foo.com or any of it's subdomains, but bar.com won't work. I need to have both at once. Ideally, I would set it to a different domain per request, but I'm not sure how I would do that. My requests are highly asynchronous and if I just set it for the whole app at every request, I fear it might not work when two calls come in at once.
这是在所有可能的有没有人有任何想法来解决这个问题?
Is this at all possible? Does anyone have any ideas to solve this?
推荐答案
这是你做的:
- 编写一个中间件,您的应用程序可以在该中间件中使用默认的express.session中间件
- ,基于
主机请求头指定并配置每个域的快速会话中间件的实例,然后实际执行适合此请求的中间件功能
- write a middleware your app can use in place of the default express.session middleware
- in that middleware, based on the
hostrequest header instatiate and configure on instance of the express session middleware per domain, and then actually execute the middleware function appropriate for this request
伪代码
var mwCache = Object.create(null);
function virtualHostSession(req, res, next) {
var host = req.get('host'); //maybe normalize with toLowerCase etc
var hostSession = mwCache[host];
if (!hostSession) {
hostSession = mwCache[host] = express.session(..config for this host...);
}
hostSession(req, res, next);
//don't need to call next since hostSession will do it for you
}
app.use(virtualHostSession);
我的请求是高度异步,如果我只是在每个请求下为整个应用程序设置它,我恐怕在两个电话立即进入时可能不起作用。
My requests are highly asynchronous and if I just set it for the whole app at every request, I fear it might not work when two calls come in at once.
绝对你不能这样做这将是完全不正确的。
Absolutely you cannot do that. It will be utterly incorrect.
这篇关于根据请求快速会话不同的cookie域?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
