问题描述
我试图将nodejs和nowjs与codeigniter框架,因为我没有时间重写整个网站我想检查一个用户是否登录。我使用ion_auth,我将会话存储在db。 / p>
客户js:
var session_id = $ .cookie('sc_session');
$(form)。submit(function(){
now.distributeMessage($(textarea)。val(),session_id);
});
now.receiveMessage = function(message){
$(body)。append(< br>+ message);
};
保存nodejs服务器代码:
EDIT :* 简化一下,从客户端js获取会话cookie
* everyone.now.distributeMessage = function(message,session_cookie){
exec('php index.php user_session decrypt'+ encodeURIComponent(session_cookie),
function错误,stdout,stderr){
var parts = stdout.split(';');
var session_id = parts [1] .split(':')[2];
var query ='select * from sc_sessions where session_id ='+ session_id;
client.query(query,function(err,results,fields){
if(results){
everyone.now。 receiveMessage(str);
}
});
});
};
这里是由nodejs调用的控制器:
<?php if(!defined('BASEPATH'))exit('不允许直接脚本访问);
class User_session extends CI_Controller
{
public function __construct()
{
parent :: __ construct();
if(!$ this-> input-> is_cli_request()){
redirect('index');
}
}
public function decrypt($ session_id)
{
$ this-> load-> library('encrypt');
$ session_id = urldecode($ session_id);
echo $ this-> encrypt-> decode($ session_id);
}
}
这是工作,我可以记录user_data到控制台从数据库中的会话,它会正确调用everyone.now.receiveMessage函数。
我有三个问题:
1)在sc_sessions数据库表中插入了具有session_id但具有空user_data,user_agent和ip 0.0.0.0的行。
这是什么原因导致此问题?如何解决?
我知道ajaxcalls和codeigniter会话有一个问题。看到这个线程:
有没有办法看到请求是否使用websockets?
检查用户是否登录的最佳方法是什么?例如if语句,你检查查询是否返回任何东西或有更好的方法?
3)有更好的方法吗?
George
p> EDIT :
从命令行调用脚本导致它创建新会话。通过扩展会话类阻止它。
应用程序/ libraries / MY_Session.php
<?php
class MY_Session extends CI_Session {
public function __construct()
{
$ CI = get_instance
if($ CI-> input-> is_cli_request())
{
return;
}
parent :: __ construct();
}
}
我最好的猜测是CLI不会传递像user_agent和ip这样的环境变量。这些由apache处理,并且在本地与CLI请求无关。如果你知道它在节点环境中是安全的,我就可以单独使用session_id。
I am trying to integrate nodejs and nowjs with codeigniter framework, As I dont have time to rewrite the whole site I want to check if a user is logged in. I am using ion_auth and I am storing the session in db.
Client js:
var session_id = $.cookie('sc_session');
$("form").submit(function() {
now.distributeMessage($("textarea").val(),session_id);
});
now.receiveMessage = function(message){
$("body").append("<br>" + message);
};
Heres the nodejs server code:
EDIT:*Simplified it a little, and get session cookie from client js*
everyone.now.distributeMessage = function(message,session_cookie) {
exec('php index.php user_session decrypt ' + encodeURIComponent(session_cookie),
function (error, stdout, stderr) {
var parts = stdout.split(';');
var session_id = parts[1].split(':')[2];
var query = 'select * from sc_sessions where session_id=' + session_id;
client.query(query, function (err, results, fields) {
if (results) {
everyone.now.receiveMessage(str);
}
});
});
};
And here is the controller called by nodejs:
<?php if (!defined('BASEPATH')) exit('No direct script access allowed');
class User_session extends CI_Controller
{
public function __construct()
{
parent::__construct();
if (!$this->input->is_cli_request()) {
redirect('index');
}
}
public function decrypt($session_id)
{
$this->load->library('encrypt');
$session_id = urldecode($session_id);
echo $this->encrypt->decode($session_id);
}
}
It is working and i can log the user_data to the console from the session in database, and it calls the everyone.now.receiveMessage function properly.
I have three questions regarding this:
1) there are rows inserted into the sc_sessions db table with a session_id but with empty user_data, user_agent and ip 0.0.0.0. One row each time the form is submitted.
What is causing this and how do i fix it?
I know that there is a problem with ajaxcalls and codeigniter sessions. See this thread:
Is there a way to see if the request was made with websockets?
2) What is the best way to check if the user is logged in? e.g if statement where you check to see if the query returned anything or is there a better method?
3) Is there a better method of doing this?
Any help appreciated as I am stuck on this.
George
EDIT:Calling the script from commandline caused it to create a new session. Prevent it by extending the session class.
application/libraries/MY_Session.php
<?php
class MY_Session extends CI_Session {
public function __construct()
{
$CI = get_instance();
if ($CI->input->is_cli_request())
{
return;
}
parent::__construct();
}
}
Great question, but lots of overhead to test an answer.
My best guess is CLI doesn't pass environmental variables like user_agent and ip. Those are handled by apache, and aren't relevant in CLI requests natively. I'd go by session_id alone if you know it's secure in a node environment.
这篇关于codeigniter nodejs和nowjs集成的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!