【发布时间】:2018-08-16 18:16:48
【问题描述】:
我在下面有一个 nodejs 登录应用程序。我没有使用passportjs。一切都很好,除了注销销毁会话问题。这是问题所在。当用户单击注销按钮时,用户将注销但会话不会因此而被破坏,我仍然可以访问仪表板上的用户会话数据。
初始化会话后,我添加了下面的代码,但没有办法。
if(userId == null){
res.redirect("/login");
return;
}
这里是 app.js 代码
var express = require('express')
, routes = require('./routes')
, user = require('./routes/user')
, http = require('http')
, path = require('path');
//var methodOverride = require('method-override');
var session = require('express-session');
var app = express();
var mysql = require('mysql');
var bodyParser=require("body-parser");
var connection = mysql.createConnection({
host : 'localhost',
user : 'root',
password : '',
database : 'nodejs'
});
connection.connect();
global.db = connection;
// all environments
app.set('port', process.env.PORT || 8080);
app.set('views', __dirname + '/views');
app.set('view engine', 'ejs');
app.use(bodyParser.urlencoded({ extended: false }));
app.use(bodyParser.json());
app.use(express.static(path.join(__dirname, 'public')));
app.use(session({
secret: 'Star boyoyo44',
resave: false,
saveUninitialized: true,
cookie: { maxAge: 60000 }
}))
// development only
app.get('/', routes.index);//call for main index page
app.get('/login', routes.index);//call for login page
app.post('/login', user.login);//call for login post
app.get('/home/dashboard', user.dashboard);//call for dashboard page after login
app.get('/home/logout', user.logout);//call for logout
//Middleware
app.listen(8080)
这里是 user.js
//-----------------------------------------------login page call------------------------------------------------------
exports.login = function(req, res){
var message = '';
var sess = req.session;
if(req.method == "POST"){
var post = req.body;
var name= post.user_name;
var pass= post.password;
db.query('SELECT * FROM users1 WHERE user_name = ? and password =?',[name,pass], function (err, results, fields) {
if(results.length){
req.session.userId = results[0].id;
req.session.user = results[0].id;
req.session.last_name = results[0].last_name;
console.log(results[0].id);
console.log(req.session.last_name);
res.redirect('/home/dashboard');
}
else{
message = 'Wrong Credentials.';
res.render('index.ejs',{message: message});
}
});
} else {
res.render('index.ejs',{message: message});
}
};
//-----------------------------------------------dashboard page functionality----------------------------------------------
exports.dashboard = function(req, res, next){
var user = req.session.user,
userId = req.session.userId;
console.log('ddd='+userId);
var seco= req.session.last_name;
console.log(seco);
if(userId == null){
res.redirect("/login");
return;
}
res.render('dashboard.ejs', {user:user, sec1:seco, user1:userId});
/*
var sql="SELECT * FROM `users1` WHERE `id`='"+userId+"'";
db.query(sql, function(err, results){
res.render('dashboard.ejs', {user:user, sec1:seco, user1:userId});
});
*/
};
//------------------------------------logout functionality----------------------------------------------
exports.logout=function(req,res){
res.clearCookie('myCookie');
res.clearCookie('connect.sid');
req.session.destroy(function(err) {
res.redirect("/login");
})
};
【问题讨论】: