我的express-session
有问题,它似乎没有保存我的用户会话。这是我宣布我的会话时:
// Session
// app.use(express.urlencoded({ extended: true }));
app.use(session({
secret: "key per i cookie",
saveUninitialized: false,
resave: false,
store: MongoStore.create({
mongoUrl: process.env.URI,
autoRemove: 'disabled'
}),
cookie: { maxAge:30000, secure:false }
}));
app.use(cookieParser());
app.use(function(req, res, next) {
res.locals.session = req.session.user;
next();
});
然后在用户登录时保存
app.post('/login', async (req,res) => {
const { username, password } = req.body
const user = await User.findOne({username}).lean()
if(!user) {
return res.json({status:'error', error:'Username o password non validi'})
}
if (await bcrypt.compare(password, user.password)) {
const token = jwt.sign({
id: user._id,
username: user.username
}, JWT_SECRET);
req.session.user = username;
req.session.save();
console.log('Utente loggato ' + req.session.user);
return res.json({ status: 'ok', data: token });
}
res.json({status:'error',error:'Username o password non validi'});
});
显然,在帖子中,我保存了会话,但在登录后,当尝试使用访问EJS页面时
<% if(session.user) { %>
<h1>Session stored</h1>
<% } else { %>
<p>No session</p>
<% }%>
我没有存储会话。我做错了什么??提前感谢
我认为您应该在cookie解析器中使用会话中使用的秘密短语
app.use(cookieParser("key per i cookie"))