【发布时间】:2023-01-23 23:41:08
【问题描述】:
TLDR:
为什么我需要访问会话对象
app.use((req, res, next) => {
req.session.init = "init";
next();
});
...在会话中间件之后的 app.js 中使其工作?不这样做意味着不会保存会话,并且不会设置 cookie。
**编辑:我不认为这是 cookie 设置的问题,因为会话也没有被保存,并且当包含上述代码时,cookie 和会话都很好
原始问题:
我正在使用 Express-Sessions 尝试将会话存储在我的数据库 (MySQL) 中。
由于某种原因,它停止保存会话并返回 cookie。我的 Express 日志如下所示:
express:router dispatching POST /auth/login +18s
express:router query : /auth/login +0ms
express:router expressInit : /auth/login +1ms
express:router session : /auth/login +0ms
express-session no SID sent, generating session +1ms
express:router <anonymous> : /auth/login +1ms
express:router jsonParser : /auth/login +0ms
express:router urlencodedParser : /auth/login +1ms
express:router trim prefix (/auth) from url /auth/login +0ms
express:router router /auth : /auth/login +1ms
express:router dispatching POST /login +0ms
但是,如果我添加:
// *This code makes Express-Session work*
app.use((req, res, next) => {
req.session.init = "init";
next();
});
对于我的app.js代码,按照by this answer的建议,我的会话然后保存,并返回一个cookie
const options = {
host: process.env.DB_HOST,
port: process.env.DB_PORT,
user: process.env.DB_USER,
password: process.env.DB_PASSWORD,
database: process.env.DB_DATABASE
};
const sessionStore = new MySQLStore(options);
app.use(session({
name: process.env.SESSION_NAME,
secret: process.env.SESSION_SECRETS,
store: sessionStore,
resave: false,
saveUninitialized: false,
cookie: {
secure: false,
httpOnly: true,
sameSite: 'strict',
maxAge:600000
}
}));
// *This code makes Express-Session work*
app.use((req, res, next) => {
req.session.init = "init";
next();
});
require('./startup/headers')(app);
require('./startup/routes')(app);
app.use((error, req, res, next) => {
const status = error.statusCode || 500;
res.status(status).json({ message: `Error`});
});
然后我的 Express 日志看起来像这样(注意末尾的 express-session 行)
express:router dispatching POST /auth/login +58ms
express:router query : /auth/login +1ms
express:router expressInit : /auth/login +2ms
express:router session : /auth/login +1ms
express-session no SID sent, generating session +5ms
express:router <anonymous> : /auth/login +4ms
express:router <anonymous> : /auth/login +0ms
express:router jsonParser : /auth/login +3ms
express:router urlencodedParser : /auth/login +3ms
express:router trim prefix (/auth) from url /auth/login +1ms
express:router router /auth : /auth/login +1ms
express:router dispatching POST /login +0ms
express-session saving 3FOu73E3BHGVl0Rw-KtrCOjjqcDZlxRY +31ms
express-session set-cookie session-cookie=s%3A3FOu73E3BHGVl0Rw-KtrCOjjqcDZlxRY.ucs49AVEgJFmJ1b5CeDuICqIihbDeNa294ImU4XC2lg; Path=/; Expires=Mon, 23 Jan 2023 11:29:39 GMT; HttpOnly; SameSite=Strict +9ms
express-session split response +8ms
我在文档中看不到任何关于这是必要的,并且希望有人可以解释这种行为?
【问题讨论】:
标签: javascript node.js express