我用express-session redis-conect這兩個通用的方案來弄sesion的時候一直無效,然後我測試了cookie發現可以正常使用,行,那隻能自己實現session了,
在express的腳手架環境下再準備好以下模塊
"redis": "^2.4.2",
"uuid": "^3.2.1"
登錄成功的邏輯中設置cookie
var UUID=require('uuid')
var token='token'+UUID.v1()
var redis = require('redis');
var client = redis.createClient(config.redis_port,config.redis_host);
client.on('connect',()=>{
client.hmset(token, {
"expires":Date.now()+config.token_expires_time, // NOTE: key and value will be coerced to strings
"user": JSON.stringify(user)
});
res.cookie('token',token,{ expires:new Date(Date.now()+config.token_expires_time), httpOnly: true });
return res.render('sign/signin', {success: '登陸成功'});
})
編寫一箇中間件
//判段用戶是否登錄
app.use(function(req,res,next){
if(req.cookies.token){
var redis = require('redis');
var client = redis.createClient(config.redis_port,config.redis_host);
client.on('connect',()=>{
//將鍵值放入redis中進行查詢
client.hgetall(req.cookies.token, function (err, obj) {
//以過期,被定時任務清除
if(obj!=null){
global.current_user=JSON.parse(obj.user)
}else{
global.current_user=false
res.cookie('token','')
}
next()
});
})
}
else{
global.current_user=false
next()
}
})
退出登錄
if(req.cookies.token){
var redis = require('redis');
var client = redis.createClient(config.redis_port,config.redis_host);
client.on('connect',()=>{
client.del(req.cookies.token,(err,response)=>{
if (err) return false;
res.cookie('token','')
res.redirect('/');
})
})
}
再加上腳本定時清除過期的session。搞定