无法在Express / NodeJS中访问req.session变量 [英] Cannot access req.session variables in Express/NodeJS
问题描述
Express 设置一个 Node.js 服务器。这是我的服务器配置: var express = require('express'),
RedisStore = require -redis')(表达);
var app = express();
app.use(express.urlencoded());
app.use(express.json());
app.use(express.cookieParser());
app.use(express.session({
store:new RedisStore(),
secret:APP_SECRET
}));
//初始化redis连接
var client = redis.createClient();
client.on('connect',function(){
console.log('Connected to Redis server')
})
client.on('error',function (err){
console.log('Error'+ err);
});
//启用跨原始资源共享
app.all('*',function(req,res,next){
res.header('Access-Control-允许 - 原始','*');
res.header('Access-Control-Allow-Headers','X-Requested-With');
next();
} );
var api = require('./ controllers / api.js');
app.post('/ login',api.login);
app.get('/ auth',api.auth);
app.listen(3000);
这里有一些简单的路线:
exports.login = function(req,res){
var user = new User(req.username,req.password);
req.session.user = user;
console.log(req.session.user); // works
res.json({user:user});
}
exports.auth = function(req,res){
console.log(req.session.user); //不起作用
res.json(req.session.user);
}
所以在我的登录 route,我可以按预期打印会话变量。但是,如果在访问登录路由之后访问 auth 路由,则会话变量未定义。如何获得Express会话?
在典型的Web应用程序中,用于验证用户的凭据将仅在登录请求期间传输。如果身份验证成功,将通过用户浏览器中设置的cookie建立和维护会话。
每个后续请求都不包含凭据或所有用户数据,而是识别会话的唯一Cookie。为了支持登录会话,您必须在每个请求中对用户实例进行序列化和反序列化。
在您的情况下,您已经分配了 req.session.user = user; 仅在 / login 请求中。它不可用于进一步的请求( / auth )。
您必须通过会话ID获取 / auth 请求中的用户信息。 (或)更好的是,您可以使用护照进行身份验证。
I've seen many variations of this question, but none seemed to solve my issue. I'm trying to set up a Node.js server using Express. Here is my server configuration:
var express = require('express'),
RedisStore = require('connect-redis')(express);
var app = express();
app.use(express.urlencoded());
app.use(express.json());
app.use(express.cookieParser());
app.use(express.session({
store: new RedisStore(),
secret: APP_SECRET
}));
// Initialize redis connection
var client = redis.createClient();
client.on('connect', function() {
console.log('Connected to Redis server')
})
client.on('error', function (err) {
console.log('Error ' + err);
});
// Enable cross-origin resource sharing
app.all('*', function(req, res, next) {
res.header('Access-Control-Allow-Origin', '*');
res.header('Access-Control-Allow-Headers', 'X-Requested-With');
next();
});
var api = require('./controllers/api.js');
app.post('/login', api.login);
app.get('/auth', api.auth);
app.listen(3000);
And here are some simple routes:
exports.login = function(req, res) {
var user = new User(req.username, req.password);
req.session.user = user;
console.log(req.session.user); //works
res.json({user:user});
}
exports.auth = function(req, res) {
console.log(req.session.user); //doesn't work
res.json(req.session.user);
}
So in my login route, I can print the session variable as expected. But if I visit the auth route after visiting the login route, the session variable is undefined. How can I get Express sessions to work?
In a typical web application, the credentials used to authenticate a user will only be transmitted during the login request. If authentication succeeds, a session will be established and maintained via a cookie set in the user's browser.
Each subsequent request will not contain credentials or all user data, but rather the unique cookie that identifies the session. In order to support login sessions, You have to serialize and deserialize user instances to and from the session in every request.
In your case, you have assigned req.session.user = user; only in /login request. It will not be available for further requests(/auth).
You have to get user information in /auth request too by session id. (Or) Better you can use passport for authentication.
这篇关于无法在Express / NodeJS中访问req.session变量的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
