Home > Web Front-end > JS Tutorial > Simple use of sessions in Nodejs and methods of authentication through sessions_node.js

Simple use of sessions in Nodejs and methods of authentication through sessions_node.js

WBOY
Release: 2016-05-16 15:16:15
Original
1457 people have browsed it

Session needs no introduction, so that one http can correspond to one end user.

The essence of session is implemented using cookies.

The principle is probably: http brings the server to set cookies in advance, the server gets the cookie indicating the user's identity, and then goes to a fixed location (database, file) to retrieve the corresponding user identity. Assign the identity to the request of this request, and the user's identity will be known during program processing. (It is automatically implemented for you in PHP, ASP or other server-side languages)

Implement cookies

A cookie that identifies the user needs to be set for each user. You can use the following rules

MD5 value of registered email + MD5 value of password + MD5 value of random code. (Just an example, this may not be a good solution)

Server-side code snippet:

res.setHeader("Set-Cookie", ["sid="+newUser.toCookie()+";path=/;domain="+config.domain+";expires="+new Date("2030") ]); 
Copy after login

cookie

sid=275fccab7935736ff68c95c3ddbfaaee|275fccab7935736ff68c95c3ddbfaaee|275fccab7935736ff68c95c3ddbfaaee 
Copy after login

Use cookies to obtain user identity and set up session

Direct all non-static resource requests here for processing. Get the cookie, split the cookie and find qualified users in the database. Finally, use next to jump to the next request logic.

The next request logic is to directly use req.session.user to obtain the user object.

session:function(req, res, next){
req.session = {};
if( req.cookies && req.cookies.sid ){
var a = req.cookies.sid.split("|");
var hexMail = a[0];
var hexPwd = a[1];
var hexRandom = a[2];
UserModel.hexFind(hexMail, hexPwd, hexRandom, function( status ){
//console.log("hexFind", status );
if(status.code == "0"){
//req.cookiesSelecter = cookiesSelecter;
req.session.user = status.result;
}
next();
});
}else{
next();
} 
}
Copy after login

Let me talk about how nodejs implements identity authentication through session

nodejs express session authentication

1) Import module

var session = require('express-session');
var cookieParser = require('cookie-parser');
Copy after login

2) Apply cookie and session

app.use(cookieParser());
app.use(session({
resave: true, // don't save session if unmodified
saveUninitialized: false, // don't create session until something stored
secret: 'love'
}));
Copy after login

3) When requesting, apply authentication

app.use(function(req,res,next){
if (!req.session.user) {
if(req.url=="/login"){
next();//如果请求的地址是登录则通过,进行下一个请求
}
else
{
res.redirect('/login');
}
} else if (req.session.user) {
next();
}
});
Copy after login

4) Login design

app.get('/login',function(req,res){
res.render("login");
});
app.post('/login',function(req,res){
if(req.body.username=="love" && req.body.password=="love"){
var user = {'username':'love'};
req.session.user = user;
res.redirect('/admin/app/list');
}
else
{
res.redirect('/login');
}
});
app.get('/logout',function(req,res){
req.session.user = null;
res.redirect('/login');
});
Copy after login
source:php.cn
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template