会话存储在 mongoDB 存储中,但在生产期间不存储在浏览器中 [已解决]
Session is stored in mongoDB store but not in the browser during production [SOLVED]
概览
- 我写了一个与 Express 交互的 React 应用 API
- 我结合快速授权会话实施了 oauth2
- 我部署到 Netlify 的客户端 - https://keen-bhaskara-257c68.netlify.app/
- 这是回购协议:https://github.com/ThevinSilva/loghorizonServer
- 服务器端到 Heroku - https://loghorizon-server.herokuapp.com/
- 这是回购协议:https://github.com/ThevinSilva/loghorizonClient
- 当前 cors 设置
//cloudinary
require("dotenv").config();
cloudinary.config({
cloud_name: "loghorizon",
api_key: process.env.CLOUDINARY_API_KEY,
api_secret: process.env.CLOUDINARY_SECRET,
});
require("./config/passport")(passport);
//MongoDB
connectDB();
//---------------------------------- SERVER ----------------------------------
const app = Express();
const httpServer = http.createServer(app);
const io = Socket(httpServer, {
cors: {
origin: process.env.CLIENT_SIDE_URL,
methods: ["GET", "POST"],
allowedHeaders: ["my-custom-header"],
credentials: true,
},
});
app.use(
cors({
origin: process.env.CLIENT_SIDE_URL, // allow to server to accept request from different origin
methods: "GET,HEAD,PUT,PATCH,POST,DELETE",
credentials: true, // allow session cookie from browser to pass through
})
);
//---------------------------------- MIDDLEWARE ----------------------------------
// increase bandwidth to allow for base64 strings
app.use(Express.json({ limit: "40mb", extended: true }));
app.use(Express.urlencoded({ limit: "40mb", extended: true }));
app.set("trust proxy", 1);
app.use(
Session({
name: "LHsession",
secret: process.env.COOKIE_SECRET,
resave: true,
store: new MongoStore({ mongooseConnection: mongoose.connection }),
cookie: {
sameSite: false,
maxAge: 8.64e7,
secure: false,
httpOnly: false,
},
})
);
// utility for monitoring requests
app.use(Morgan("dev"));
//---------------------------------- Pasport config ----------------------------------
app.use(passport.initialize());
app.use(passport.session());
问题
该项目在我的开发环境中完美运行(在多台计算机上测试)。抛出以下错误:
has been blocked by CORS policy: no 'Access-Control-Allow-origin' ...
重要的是要注意,除非我被重定向回我的网络应用程序会话,否则不会存储包含帐户的实际授权页面。
我尝试了什么
不言而喻,这些都行不通
- 我读到添加行 app.set("trust proxy")
app.set("trust proxy", 1);
app.use(
Session({
name: "LHsession",
secret: process.env.COOKIE_SECRET,
resave: true,
store: new MongoStore({ mongooseConnection: mongoose.connection }),
cookie: {
sameSite: false,
maxAge: 8.64e7,
secure: false,
httpOnly: false,
},
})
);
- 在 Axios 中我添加了 withCredentials
const server = axios.create({
withCredentials: true,
baseURL: process.env.REACT_APP_SERVER + "/board",
});
- 我读了很多线程,这个看起来很有前途并且可能有效,但我希望客户端和服务器是分开的 - express session not persisting after deploying to heroku and netlify
免责声明
- 我是一个 17 岁的业余爱好者,可能已经不知所措,请愚弄我对网络不存在的知识。也许给我 material 阅读。
- 我查看的环境变量输入成功
- 文档可能有点奇怪抱歉
- 最终的 React 构建中有很多错误和警告,但我认为这在这里并不重要
问题已解决我在我的网站域下注册了这两个,现在它就像一个魅力。没有解决 cors 问题,但仍然设法让我的项目工作。更确定和彻底的 运行 潜在罪魁祸首在这个线程上:
概览
- 我写了一个与 Express 交互的 React 应用 API
- 我结合快速授权会话实施了 oauth2
- 我部署到 Netlify 的客户端 - https://keen-bhaskara-257c68.netlify.app/
- 这是回购协议:https://github.com/ThevinSilva/loghorizonServer
- 服务器端到 Heroku - https://loghorizon-server.herokuapp.com/
- 这是回购协议:https://github.com/ThevinSilva/loghorizonClient
- 当前 cors 设置
//cloudinary
require("dotenv").config();
cloudinary.config({
cloud_name: "loghorizon",
api_key: process.env.CLOUDINARY_API_KEY,
api_secret: process.env.CLOUDINARY_SECRET,
});
require("./config/passport")(passport);
//MongoDB
connectDB();
//---------------------------------- SERVER ----------------------------------
const app = Express();
const httpServer = http.createServer(app);
const io = Socket(httpServer, {
cors: {
origin: process.env.CLIENT_SIDE_URL,
methods: ["GET", "POST"],
allowedHeaders: ["my-custom-header"],
credentials: true,
},
});
app.use(
cors({
origin: process.env.CLIENT_SIDE_URL, // allow to server to accept request from different origin
methods: "GET,HEAD,PUT,PATCH,POST,DELETE",
credentials: true, // allow session cookie from browser to pass through
})
);
//---------------------------------- MIDDLEWARE ----------------------------------
// increase bandwidth to allow for base64 strings
app.use(Express.json({ limit: "40mb", extended: true }));
app.use(Express.urlencoded({ limit: "40mb", extended: true }));
app.set("trust proxy", 1);
app.use(
Session({
name: "LHsession",
secret: process.env.COOKIE_SECRET,
resave: true,
store: new MongoStore({ mongooseConnection: mongoose.connection }),
cookie: {
sameSite: false,
maxAge: 8.64e7,
secure: false,
httpOnly: false,
},
})
);
// utility for monitoring requests
app.use(Morgan("dev"));
//---------------------------------- Pasport config ----------------------------------
app.use(passport.initialize());
app.use(passport.session());
问题
该项目在我的开发环境中完美运行(在多台计算机上测试)。抛出以下错误: has been blocked by CORS policy: no 'Access-Control-Allow-origin' ...
重要的是要注意,除非我被重定向回我的网络应用程序会话,否则不会存储包含帐户的实际授权页面。
我尝试了什么
不言而喻,这些都行不通
- 我读到添加行 app.set("trust proxy")
app.set("trust proxy", 1);
app.use(
Session({
name: "LHsession",
secret: process.env.COOKIE_SECRET,
resave: true,
store: new MongoStore({ mongooseConnection: mongoose.connection }),
cookie: {
sameSite: false,
maxAge: 8.64e7,
secure: false,
httpOnly: false,
},
})
);
- 在 Axios 中我添加了 withCredentials
const server = axios.create({
withCredentials: true,
baseURL: process.env.REACT_APP_SERVER + "/board",
});
- 我读了很多线程,这个看起来很有前途并且可能有效,但我希望客户端和服务器是分开的 - express session not persisting after deploying to heroku and netlify
免责声明
- 我是一个 17 岁的业余爱好者,可能已经不知所措,请愚弄我对网络不存在的知识。也许给我 material 阅读。
- 我查看的环境变量输入成功
- 文档可能有点奇怪抱歉
- 最终的 React 构建中有很多错误和警告,但我认为这在这里并不重要
问题已解决我在我的网站域下注册了这两个,现在它就像一个魅力。没有解决 cors 问题,但仍然设法让我的项目工作。更确定和彻底的 运行 潜在罪魁祸首在这个线程上: