0
我尽可能地隔离了问题,但仍无法解决问题。如何解码快速会话cookie?
我创建一个空的服务器与环回,加入express-session
和body-parser
中间件
"session": {
"express-session": {
"params": {
"name": "id",
"secret": "potato with eyes",
"httpOnly": "false"
}
}
},
"auth": {},
"parse": {
"body-parser": {},
"body-parser#json": {},
"body-parser#urlencoded": {"params": { "extended": true }}
}
然后,我添加了一个对方法root.js.
。第一组为session.id
为一个变量。第二次记录下一个请求:
module.exports = function (app)
{
var cookieParser = require("cookie-parser")
var router = app.loopback.Router()
router.post("/login", function (req, res)
{
req.session.id = req.body.id
console.log("Set id to " + req.body.id)
res.end()
})
router.post("/addLead", function (req, res)
{
console.log("session", req.session)
console.log("got id: ", req.session.id)
console.log("decrypting single id:", cookieParser.signedCookie(req.session.id, "potato with eyes"))
console.log("cookie! ", req.cookie)
console.log("cookie parsed:", cookieParser.JSONCookie(req.cookie, "potato with eyes"))
console.log("cookie parsed:", cookieParser.signedCookie(req.cookie, "potato with eyes"))
res.status(403).send("You must login first")
})
app.use(router)
}
解密cookies失败。 id的解密不会改变它。
Web server listening at: http://localhost:3000
Browse your REST API at http://localhost:3000/explorer
Set id to 15
session Session {
cookie:
{ path: '/',
_expires: null,
originalMaxAge: null,
httpOnly: true } }
got id: XifrUZXLhKcDHYqQwxESQlLQQ6N1j49d
decrypting single id: XifrUZXLhKcDHYqQwxESQlLQQ6N1j49d
cookie! undefined
cookie parsed: undefined
cookie parsed: undefined
这里是我用于测试的HTML:
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta charset="utf-8" />
<title></title>
<script src="https://code.jquery.com/jquery-3.1.0.min.js"
integrity="sha256-cCueBR6CsyA4/9szpPfrX3s49M9vUU5BgtiJj06wt/s="
crossorigin="anonymous"></script>
<script>
function log(data)
{
console.log(JSON.stringify(data))
}
$.post("http://localhost:3000/login", { name: "John Smit", id: 15 }, function (data)
{
log(data)
$.post("http://localhost:3000/addLead", {
name: "Anton Berezin", phone: "337225", model: "1234",
mark: "Toyota", yearFrom: "2014", yearTo: "2017"
}, function (data)
{
log(data)
alert(JSON.stringify(data))
})
.fail(function (error)
{
log(error)
})
})
.fail(function(error)
{
alert(JSON.stringify(error))
})
</script>
</head>
<body>
</body>
</html>
并与项目档案: http://www.filedropper.com/cookietest
我感谢所有帮助
编辑: 与req.cookie
而不是req.session.cookie
。没有改变输出。
也许我错过了不便,但你为什么要尝试阅读'req.session.cookie'当'饼干parser'解析它到'req.cookie'? –
谢谢,但它没有帮助)所以body-parser和cookieParser应该enoug? – user2136963
尝试在'var router = ...'之前添加'app.use(require('cookie-parser')());''。 –