express環(huán)境下開(kāi)發(fā)的登錄驗(yàn)證碼����,將驗(yàn)證碼存入session中,發(fā)現(xiàn)客戶端并沒(méi)有能夠成功在cookie中保存connnect_sid���,后端跑在3000端口�����,前端用ng4+ng-zorro跑在4200����,代碼片段如下:
app.js:
var express = require('express');
var path = require('path');
var favicon = require('serve-favicon');
var logger = require('morgan');
var cookieParser = require('cookie-parser');
var bodyParser = require('body-parser');
var session = require('express-session');
var app = express();
// view engine setup
app.set('views', path.join(__dirname, 'views'));
app.set('view engine', 'ejs');
// nginx反向代理時(shí)獲取正確的客戶端ip
app.set('trust proxy', 'loopback');
// uncomment after placing your favicon in /public
//app.use(favicon(path.join(__dirname, 'public', 'favicon.ico')));
app.use(logger('dev'));
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: false }));
app.use(cookieParser());
app.use(express.static(path.join(__dirname, 'public')));
app.all('*', function(req, res, next) {
res.header('Access-Control-Allow-Origin', '*');
res.header('Access-Control-Allow-Headers', 'Origin, No-Cache, X-Requested-With, If-Modified-Since, Pragma, Last-Modified, Cache-Control, Expires, Content-Type, X-E4M-With, X-Access-Token, X-Real-IP');
res.header('Access-Control-Allow-Methods','PUT,POST,GET,DELETE,OPTIONS');
next();
});
app.use(session({
name: 'nsid',
secret: 'amazing',
resave: true,
saveUninitialized: false,
rolling: true,
captcha: 'ss'
}));
// app.use('/', index);
app.use('/api', require('./api/login'));
login.js:
/* 登錄登出接口���,驗(yàn)證碼生成 */
var express = require('express');
var router = express.Router();
const db = require('../config/db');
var svgCaptcha = require('svg-captcha');
var lang = require('../lib/lang.json');
router.route('/user/login')
.post (function (req, res) {
var name = req.body.username;
var pwd = req.body.password;
var captcha = req.body.captcha;
console.log(typeof captcha, typeof req.session.captcha);
console.log(captcha != req.session.captcha);
if (captcha !== '' && captcha != req.session.captcha) {
return res.status(200).json({
status: 0,
message: `${lang.error},驗(yàn)證碼錯(cuò)誤`
})
}
var uInfo = db.get('user').find({name: name}).value();
if (uInfo) {
if (name === uInfo.name && pwd === uInfo.pwd) {
return res.status(200).json({
status: 1,
message: lang.success
})
} else {
return res.status(200).json({
status: 0,
message: `${lang.error},用戶名或密碼錯(cuò)誤`
})
}
} else {
return res.status(200).json({
status: 0,
message: `${lang.error},用戶名不存在`
})
}
});
router.route('/captcha')
.get (function (req, res) {
var captcha = svgCaptcha.createMathExpr({
noise: 2,
color: true,
width: 116,
height: 32,
fontSize: 36,
background: '#f8f8f8'
});
req.session.captcha = captcha.text;
// console.log(req.session.captcha);
res.type('svg');
console.log(req.session.captcha);
return res.status(200).json({
status: 1,
message: lang.success,
data: captcha.data,
});
});
router.route('/test')
.get(function (req, res) {
console.log(req.session.captcha);
return res.status(200).json({
status: 1,
message: lang.success,
data: req.session.captcha,
});
});
module.exports = router;
存和取兩個(gè)請(qǐng)求得到的響應(yīng)頭如下,由于存的操作沒(méi)有成功寫入客戶端的cookie���,導(dǎo)致取出的session為undefined:
訪問(wèn)captcha接口后�����,客戶端的cookie如下:
會(huì)有哪些原因?qū)е驴蛻舳瞬荒鼙4鎠ession的id�?
