Express：是否可以绕过静态文件的会话？ [英] Express: is it possible to bypass sessions for static files?

问题描述

我正在使用一个非常简单的Express + Mongoose + Passport + Connect-mongo设置，一切正常。令我困惑的唯一的事情是，我可以看到即使对于静态文件也是 - 从我的应用程序的角度来看，绝对没有意义的 passport.unserializeUser / p>

我可以理解，有些情况下，您希望静态文件在某种授权下也可以提供，但我不知道我如何跳过整个会话

（在生产环境中，我无法使用Cookie进行资产管理）

解决方案

中间件按照添加的顺序进行调用。只需将静态中间件移动到 app.js 中的早期。

例如：

  app.use（express.static（__ dirname +/ public））; 
 //任何其他中间件
 app.use（passport（））; //或者你的护照配置看起来像
  

I'm using a quite straightforward setup of Express + Mongoose + Passport + Connect-mongo, and everything works fine. The only thing that is puzzling me, is that I can see the passport.unserializeUser called even for static files, which is - from my application point of view - absolutely pointless.

I can understand that there are cases where you want the static files to be served under some sort of authorization as well, but I wonder how I could "skip" the whole session middleware in case I'm serving a static file.

(In a production environment I could not use cookies for assets)

解决方案

Middleware is called upon in the order it was added. Just move the static middleware to be very early in your app.js.

For example:

app.use(express.static(__dirname + "/public"));
// any other middleware
app.use(passport()); // or whatever your passport config looks like

这篇关于Express：是否可以绕过静态文件的会话？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！