Emi*_*own 6 express express-session
我正在构建一个网站,因为两个 url ('/','/admin') 会话发生冲突,这是我的 app.js 会话代码
app.use(logger('dev'));
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: false }));
app.use(cookieParser());
app.use(session({
secret: "JHGF>,./?;;LJ8#$?,KL:>>>,,KJJJDHE",
resave: true,
saveUninitialized: true
}));
app.use(flash());
app.use(passport.initialize());
app.use(passport.session());
app.use(express.static(path.join(__dirname, 'public')));
app.use('/', index);
app.use('/admin', admin);
请问我该如何解决这个问题?
这是index.js
var express = require('express');
var User = require('../models/user');
var Admin = require('../models/admin');
var Pandingpay = require('../models/pandingpay');
var Confirmpay = require('../models/confirmpay');
var passport = require('passport');
var moment = require('moment');
var router = express.Router();
function ensureAuthenticated(req, res, next) {
if (req.isAuthenticated()) {
next();
} else {
req.flash("info", "You must be logged in to see this page.");
res.redirect("/user/login");
}
};
function Authenticated(req, res, next) {
if (req.isAuthenticated()) {
res.redirect('/user/dashboard/');
}else {
next();
}
};
router.use(function(req, res, next){
res.locals.currentUser = req.user;
res.locals.errors = req.flash("error");
res.locals.infos = req.flash("info");
next();
});
/* GET home page. */
router.get('/', function(req, res) {
res.render('index',{
title: 'Home'
});
});
router.post('/login', function(req, res, next) {
passport.authenticate('user-local', {failureFlash:true}, function(err, user, info) {
if(!req.body.password || !req.body.username){
req.flash("error", "Please enter your username and password");
return res.redirect("/login");
}
if (err) { return next(err); }
if (!user) {
req.flash("error", "Sorry username or password is invalied!");
return res.redirect('/login');
}
req.logIn(user, function(err) {
if (err) { return next(err); }
return res.redirect('/dashboard');
});
})(req, res, next);
});
这是我的 admin.js
var express = require('express');
var User = require('../models/user');
var Admin = require('../models/admin');
var Pandingpay = require('../models/pandingpay');
var Confirmpay = require('../models/confirmpay');
var passport = require('passport');
var moment = require('moment');
var routeradmin = express.Router();
function ensureAuthenticated(req, res, next) {
if (req.isAuthenticated()) {
next();
} else {
req.flash("info", "You must be logged in to see this page.");
res.redirect("/admin/login");
}
};
routeradmin.use(function(req, res, next){
res.locals.currentUser = req.user;
res.locals.errors = req.flash("error");
res.locals.infos = req.flash("info");
next();
});
/* GET home page. */
routeradmin.get('/login', function(req, res) {
res.render('adminlogin');
});
routeradmin.post('/login', function(req, res, next) {
passport.authenticate('admin-local', {failureFlash:true}, function(err, user, info) {
if(!req.body.password || !req.body.username){
req.flash("error", "Please enter your username and password");
return res.redirect("/admin/login");
}
if (err) { return next(err); }
if (!user) {
req.flash("error", "Sorry username or password is invalied!");
return res.redirect('/admin/login');
}
req.logIn(user, function(err) {
if (err) { return next(err); }
return res.redirect('/admin/allusers/' + user.username);
});
})(req, res, next);
});
我所说的冲突的意思是,当管理员登录而不是为管理员创建新会话时,它使用已登录用户的会话
如果您想要两个单独的会话对象,一个用于常规使用,一个用于管理使用,并且它们之间没有重叠,那么您必须执行两个单独的app.use('/path1', session(...))andapp.use('/path2', session(...))语句,以便您有两个单独的会话管理器用于不同的路径,并确保每个对象都有不同的 cookie名称(使用选项name的参数session())。然后,您必须将 URL 设计为这些 URL 的子路径,以便它们获得正确的路径。
通常,人们只使用一个会话,然后在会话中保留一个标志,无论是否是管理员登录,您可以在需要时检查该标志。