问题描述

我正在使用Express和节点进行会话管理与https。我想使用express创建会话，以便在重定向到公共文件夹中的静态文件之前进行身份验证和会话。以前，我遇到问题
但是通过将express.session中的路径包含为/ public解决，但现在我的req.session显示为未定义，但在浏览器中有connect.sid cookie存在

I am using Express and node for the session management with https. I want to create a session using express so that authentication and the session is made before the redirection to the static files in the public folder. Previously i was having a problem Trouble using express.session with httpsBut it was solved by including path in the express.session as /public but now my req.session is showing as undefined but in the browser there is connect.sid cookie present

app.js是：

var express = require('express')TypeError: Cannot set property 'user_id' of undefined at /opt/expressjs/app.js:59:24 at callbacks;
var http = require('http');
var https = require('https');
var fs = require('fs');
var mongo = require('mongodb');
var monk = require('monk');
var db = monk('localhost:27017/svgtest1');
var options = {
  key: fs.readFileSync('privatekey.pem'),
  cert: fs.readFileSync('certificate.pem')
};

var app = express();

app.use(express.static(__dirname + '/public'));
app.use(express.urlencoded());
app.use(express.json());
app.use(express.cookieParser());
app.use(express.session({cookie: {  path: '/public/',httpOnly: false , maxAge: 24*60*60*1000}, secret: '1234567890QWERT'}));

//middle ware to check auth
function checkAuth(req, res, next) {
  if (!req.session.user_id) {
    res.send('You are not authorized to view this page');
  } else {
    next();
  }
}


app.get('/', function(req, res) {
  console.log('First page called');
  res.redirect('loginform.html');
  console.log('redirected');
  res.end();
});

app.post('/login', function(req, res) {
  console.log('login called');
  var usrfield = req.body.usrfield;
  var passfield = req.body.passfield;

    console.log(req.session);


// Play with the username and password

        if (usrfield == 'kk' && passfield == '123') {
             req.session.user_id = 'xyz';
        res.redirect('svg-edit.html');
      } else {
        res.send('Bad user/pass');
      }


        console.log(usrfield);
        console.log(passfield);
        res.end();
    });

客户端：

<html>

<style media="screen" type="text/css">
@import url("css/loginform_styles.css");
 </style>

    <head>
            <script type="text/javascript" src="annotationTools/js/md5.js" ></script>
            <script>

                function validateForm()
                {
                    var usrnamefield=document.forms["loginform"]["usrfield"].value;
                    var passwrdfield=document.forms["loginform"]["passfield"].value;

                    if ((usrnamefield==null || usrnamefield=="")||(passwrdfield==null || passwrdfield==""))
                      {
                        document.getElementById('valueerrorlayer').innerHTML ='Username or password field is empty';
                        //document.forms["loginform"]["errorshow"].innerHtml = 'username or password empty';
                      return false;
                      }
                    else return true;
                }
            </script>

    </head>

    <body>


    <form name="loginform" id="loginform" action="https://localhost:8888/login" method="post" onsubmit="return validateForm()">
        <div id = "content" align = "center">

            <p align="center"><font size="7">LabelMe Dev</font></p>
            <br />
            <br />

            <label> Please Enter the <b><i>Username</i></b></label>
            <br />
            <br />

            <input type="text"  name = "usrfield" id = "usrfield" onkeydown="if (event.keyCode == 13) document.getElementById('btnSearch').click()"/>
            <br />
            <br />
            <br />

            <label> Please Enter the <b><i>Password</i></b></label>
            <br />
            <br />
            <input type="password"  name = "passfield" id = "passfield" onkeydown="if (event.keyCode == 13) document.getElementById('btnSearch').click()"/>
            <br />
            <br />
            <br />

            <i><p id='valueerrorlayer' style="color:red;"> </p></i>

            <input type="submit" value="Submit"/>
        </div>
    </form>
    </body>





</html>

问题是 console.log req.session）; 给定未定义，所以 req.session.user_id ='xyz'; 也不起作用，错误 'TypeError：无法在回调'来的/opt/expressjs/app.js:59:24中设置未定义的属性'user_id'。
我经历过许多问题，但无法弄清楚。

The problem is that console.log(req.session); gives undefined so the req.session.user_id = 'xyz'; also not works and error 'TypeError: Cannot set property 'user_id' of undefined at /opt/expressjs/app.js:59:24 at callbacks' comes.I have gone through many questions but was not able to figure out.

我的网站是静态的，所有的* .html都位于公共目录

My website is static and all the *.html locates in the public directory

推荐答案

The session middleware checks if an incoming request matches the cookie path; if not, it doesn't bother continuing (and req.session won't even be created). In your situation, your cookie path is set to /public/, which doesn't match the request path /login.

我想你想要配置会话中间件cookie以使用 / 作为路径：

I think you'd want to configure the session middleware cookie to use / as a path:

app.use(express.session({
  cookie: {
    path    : '/',
    httpOnly: false,
    maxAge  : 24*60*60*1000
  },
  secret: '1234567890QWERT'
}));

这篇关于req.session undefined和req.session.user_id不工作的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！