gpt4 book ai didi

javascript - req.session.user 在我的 node.js 项目中不是 "global"

转载 作者:可可西里 更新时间:2023-11-01 11:43:36 26 4
gpt4 key购买 nike

身份验证成功后 req.session.user 存在,但是当我尝试调用它来限制对页面的访问时,它消失了,当然在我不希望它访问时限制访问。我知道这是一个范围问题,但我无法弄清楚。

    function restrict(req, res, next) {
if (req.session.user) {
next();
} else {
req.session.error = 'Access denied!';
res.redirect('/accessdenied');
}
}

// Add User Route
app.get('/addUser', restrict, function (req, res, next)
{res.render('addUser', {
title : "SC Auds - Ad New User"
, author : "Alan Swenson"
, description : "none"
});
});



app.post('/login', function (req, res, next){

var checkuser = new User({
email : req.body.user.email
, password : req.body.user.password
});

// checkuser.save(function(err) {
// Successfully Logged In
User.getAuthenticated(checkuser.email, checkuser.password, function(err, user, reason) {

if (err) {
throw err;
// Failed to work
res.redirect('/error');
}

// login was successful if we have a user
if (user) {
// handle login success
req.session.regenerate(function(){
req.session.user = user;
req.session.success = 'Authenticated as ' + user.email;
res.redirect('/admin');
console.log(req.session.user);
});
}

// otherwise we can determine why we failed
var reasons = User.failedLogin;
console.log(User.failedLogin);
switch (reason) {
case reasons.NOT_FOUND:
case reasons.PASSWORD_INCORRECT:
// note: these cases are usually treated the same - don't tell
// the user *why* the login failed, only that it did
break;
case reasons.MAX_ATTEMPTS:
// send email or otherwise notify user that account is
// temporarily locked
break;

}

});



});

这是我的 app.js

/**
* Module dependencies
*/

var express = require('express'),
routes = require('./routes'),
tasks = require("./tasks"),
mongoose = require('mongoose');
crypt = require('bcrypt');
RedisStore = require('connect-redis')(express);
url = require('url');


// Get yo' models
User = require("./models/user.js");
// Set up the app
app = express();
// Set up the server
var server = require('http').createServer(app);

//set up redis
var redisURL = 'redis://nodejitsu:nodejitsudb3022889634.redis.irstack.com:f327cfe980c971946e80b8e975fbebb4@nodejitsudb3022889634.redis.irstack.com:6379';
var redis = url.parse(redisURL);
console.log(redis);
/**
* Configuration
*/

app.configure(function(){
app.set('views', __dirname + '/views');
app.set('view engine', 'jade');
// Middle Ware
app.use(express.favicon(__dirname + '/public/favicon.ico'));
app.use(express.bodyParser());
app.use(express.cookieParser());
app.use(express.session({
secret: "kaskjbabjkdfkabdfbkadbkjfasdfasdfrterterte",
store: new RedisStore({ host: redis.hostname, port: redis.port, pass: redis.auth ? redis.auth.substring(redis.auth.indexOf(':') + 1) : null }),
proxy: true,
cookie: { secure: true}
}));
app.use(express.methodOverride());



app.use(app.router);
app.use(express.static(__dirname + '/public'));
app.enable('trust proxy');
});

/**
* Set up Listening Ports
* Development & Production
*/

var port;
app.configure('development', function(){
port = 3000;
app.use(express.errorHandler({ dumpExceptions: true, showStack: true }));
// mongoose.connect('mongodb://localhost/<app_name>');
});

app.configure('production', function(){
port = 80;
app.use(express.errorHandler());
// Production database connection string
mongoose.connect('mongodb://nodejitsu:c09cdadf6f1c8ecad43a01d54b4da8e4@linus.mongohq.com:10096/nodejitsudb9995237560');
});

/**
* Open Database
*/

var db = mongoose.connection;
db.on('error', console.error.bind(console, 'connection error:'));
db.once('open', function callback () {
console.log('opened');
});

var models = {};

/**
* Set up Routes
*/

// Main Route
app.get('/', routes.home);
// Additional Routes
require('./additionalRoutes')(app)


/**
* Start Sever Listening
*/

server.listen(port, function(){
});


/*
* Run background tasks here:
*/

// Run immediately
// tasks.myTask();

// Run periodically
// setInterval(tasks.myTask, 1000 * 60 * 10);

最佳答案

您在这里缺少限制功能..

app.post('/login', function (req, res, next){

将其更改为。

app.post('/login', restrict, function (req, res, next){

关于javascript - req.session.user 在我的 node.js 项目中不是 "global",我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/19039929/

26 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com