从 React js 发出 get/post 请求时,Express 会话总是创建新会话
Express session always creating new session when making get/post request from react js
当从 express-session 请求会话时,我正在 post 或使用 Fetch api 从 React JS 获取请求总是创建新会话。
后端
app.use(session({
secret: 'sec12',
resave: false,
saveUninitialized: false,
store: MongoStore.create({
mongoUrl: keys.mongodb.dbURI,
autoRemove: 'native',
ttl: 9 * 60 * 60,
mongoOptions: {
useNewUrlParser: true,
useUnifiedTopology: true
}
})
}));
科尔斯
var corsOptions = {
origin: 'http://localhost:3000',
methods: ['GET', 'POST'],
optionsSuccessStatus: 200,
credentials:true,
preflightContinue: true,
allowedHeaders: ['Content-Type', 'Authorization', 'X-Requested-With', 'Accept']
}
app.use(cors(corsOptions))
以及来自 React JS
var requestOptions = {
method: 'POST',
headers: headers,
body: JSON.stringify(formData),
redirect: 'follow',
credentials: 'include',
};
fetch(url, requestOptions)
.then(response => {
if(response.ok){
return response.json()
}else{
return reject('Oppps... Something went wrong the backend server not found!')
}
})
.then(result => result?.error ? resolve(result) : resolve(result))
我想,我想出来了.. 只需在验证后添加 req.cookie 并在每个请求中解析它。
登录验证通过后放置此脚本
res.cookie('access_token', token, { maxAge: 900000, httpOnly: true });
然后使用 cookieParser 并在每个请求中解析它
const cookieExtractor = req =>{
let token = null;
if(req && req.cookies){
token = req.cookies['access_token']
}
return token;
}
// MIDDLEWARE
passport.use(new JwtStrategy({jwtFromRequest : cookieExtractor, secretOrKey :
"secret01"}, async (payload, done)=>{
User.findById({_id : payload.sub},(err, user)=>{
if(err) {
return done(err,false);
}
if(user){
return done(null,user);
}else{
return done(null,false);
}
});
}));
当从 express-session 请求会话时,我正在 post 或使用 Fetch api 从 React JS 获取请求总是创建新会话。
后端
app.use(session({
secret: 'sec12',
resave: false,
saveUninitialized: false,
store: MongoStore.create({
mongoUrl: keys.mongodb.dbURI,
autoRemove: 'native',
ttl: 9 * 60 * 60,
mongoOptions: {
useNewUrlParser: true,
useUnifiedTopology: true
}
})
}));
科尔斯
var corsOptions = {
origin: 'http://localhost:3000',
methods: ['GET', 'POST'],
optionsSuccessStatus: 200,
credentials:true,
preflightContinue: true,
allowedHeaders: ['Content-Type', 'Authorization', 'X-Requested-With', 'Accept']
}
app.use(cors(corsOptions))
以及来自 React JS
var requestOptions = {
method: 'POST',
headers: headers,
body: JSON.stringify(formData),
redirect: 'follow',
credentials: 'include',
};
fetch(url, requestOptions)
.then(response => {
if(response.ok){
return response.json()
}else{
return reject('Oppps... Something went wrong the backend server not found!')
}
})
.then(result => result?.error ? resolve(result) : resolve(result))
我想,我想出来了.. 只需在验证后添加 req.cookie 并在每个请求中解析它。
登录验证通过后放置此脚本
res.cookie('access_token', token, { maxAge: 900000, httpOnly: true });
然后使用 cookieParser 并在每个请求中解析它
const cookieExtractor = req =>{
let token = null;
if(req && req.cookies){
token = req.cookies['access_token']
}
return token;
}
// MIDDLEWARE
passport.use(new JwtStrategy({jwtFromRequest : cookieExtractor, secretOrKey :
"secret01"}, async (payload, done)=>{
User.findById({_id : payload.sub},(err, user)=>{
if(err) {
return done(err,false);
}
if(user){
return done(null,user);
}else{
return done(null,false);
}
});
}));