【问题标题】:Why do I need to access the session object before Express-Session saves and sets a cookie?为什么我需要在 Express-Session 保存和设置 cookie 之前访问会话对象?
【发布时间】:2023-01-23 23:41:08
【问题描述】:

TLDR:

为什么我需要访问会话对象

app.use((req, res, next) => {
    req.session.init = "init";
    next();
});

...在会话中间件之后的 app.js 中使其工作?不这样做意味着不会保存会话,并且不会设置 cookie。

**编辑:我不认为这是 cookie 设置的问题,因为会话也没有被保存,并且当包含上述代码时,cookie 和会话都很好


原始问题:

我正在使用 Express-Sessions 尝试将会话存储在我的数据库 (MySQL) 中。

由于某种原因,它停止保存会话并返回 cookie。我的 Express 日志如下所示:

  express:router dispatching POST /auth/login +18s
  express:router query  : /auth/login +0ms
  express:router expressInit  : /auth/login +1ms
  express:router session  : /auth/login +0ms
  express-session no SID sent, generating session +1ms
  express:router <anonymous>  : /auth/login +1ms
  express:router jsonParser  : /auth/login +0ms
  express:router urlencodedParser  : /auth/login +1ms
  express:router trim prefix (/auth) from url /auth/login +0ms
  express:router router /auth : /auth/login +1ms
  express:router dispatching POST /login +0ms

但是,如果我添加:

// *This code makes Express-Session work*
app.use((req, res, next) => {
    req.session.init = "init";
    next();
});

对于我的app.js代码,按照by this answer的建议,我的会话然后保存,并返回一个cookie

const options = {
    host: process.env.DB_HOST,
    port: process.env.DB_PORT,
    user: process.env.DB_USER,
    password: process.env.DB_PASSWORD,
    database: process.env.DB_DATABASE
};

const sessionStore = new MySQLStore(options);

app.use(session({
    name: process.env.SESSION_NAME,
    secret: process.env.SESSION_SECRETS,
    store: sessionStore,
    resave: false,
    saveUninitialized: false,
  cookie: {
    secure: false,
    httpOnly: true,
    sameSite: 'strict',
    maxAge:600000
  }
}));

// *This code makes Express-Session work*
app.use((req, res, next) => {
    req.session.init = "init";
    next();
});

require('./startup/headers')(app);
require('./startup/routes')(app);

app.use((error, req, res, next) => {

  const status = error.statusCode || 500;

  res.status(status).json({ message: `Error`});
});

然后我的 Express 日志看起来像这样(注意末尾的 express-session 行)

  express:router dispatching POST /auth/login +58ms
  express:router query  : /auth/login +1ms
  express:router expressInit  : /auth/login +2ms
  express:router session  : /auth/login +1ms
  express-session no SID sent, generating session +5ms
  express:router <anonymous>  : /auth/login +4ms
  express:router <anonymous>  : /auth/login +0ms
  express:router jsonParser  : /auth/login +3ms
  express:router urlencodedParser  : /auth/login +3ms
  express:router trim prefix (/auth) from url /auth/login +1ms
  express:router router /auth : /auth/login +1ms
  express:router dispatching POST /login +0ms

  express-session saving 3FOu73E3BHGVl0Rw-KtrCOjjqcDZlxRY +31ms
  express-session set-cookie session-cookie=s%3A3FOu73E3BHGVl0Rw-KtrCOjjqcDZlxRY.ucs49AVEgJFmJ1b5CeDuICqIihbDeNa294ImU4XC2lg; Path=/; Expires=Mon, 23 Jan 2023 11:29:39 GMT; HttpOnly; SameSite=Strict +9ms
  express-session split response +8ms

我在文档中看不到任何关于这是必要的,并且希望有人可以解释这种行为?

【问题讨论】:

    标签: javascript node.js express


    【解决方案1】:

    答案是配置

    resave: false,
    saveUninitialized: false,
    

    需要在会话创建之前对其进行更改

    【讨论】:

      猜你喜欢
      • 2016-05-12
      • 2017-06-20
      • 2018-06-30
      • 2021-09-05
      • 1970-01-01
      • 1970-01-01
      • 2014-06-27
      • 2020-09-14
      • 1970-01-01
      相关资源
      最近更新 更多