增加session验证拦截器
修复body
parent
da3642c7c4
commit
4cf2b8e1de
6
app.js
6
app.js
@ -8,6 +8,7 @@ const cookieParser = require('cookie-parser');
|
||||
|
||||
const indexRouter = require('./routes/index');
|
||||
const mongodbConfig = require('./db/mongodb.config');
|
||||
const loginUtils = require("./utils/LoginUtil");
|
||||
|
||||
const app = express();
|
||||
|
||||
@ -16,9 +17,10 @@ require("dotenv").config();
|
||||
const dbAccount = process.env.DB_ACCOUNT;
|
||||
const dbPassword = process.env.DB_PASSWORD;
|
||||
const loginSecret = process.env.SESSION_SECRET;
|
||||
console.log(dbAccount, dbPassword);
|
||||
mongodbConfig.connectMongoDB(dbAccount, dbPassword);
|
||||
|
||||
app.use(cors());
|
||||
app.use(cors({ origin: 'http://localhost:5173', credentials: true }));
|
||||
app.use(logger('dev'));
|
||||
app.use(express.json());
|
||||
app.use(express.urlencoded({ extended: false }));
|
||||
@ -35,7 +37,7 @@ app.use(session({
|
||||
},
|
||||
}));
|
||||
|
||||
app.use('/', indexRouter);
|
||||
app.use('/', loginUtils.aopMiddleware, indexRouter);
|
||||
|
||||
// catch 404 and forward to error handler
|
||||
app.use(function (req, res, next) {
|
||||
|
||||
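Review bot: `console.log(dbAccount, dbPassword);` in the second hunk writes the MongoDB password in clear text to stdout and into whatever collects the process logs. The rendered page does not show whether this commit added the line, but it is on the new side and should be dropped or reduced to the account, e.g. `console.log('MongoDB account:', dbAccount);`. In the same hunk, `cors({ origin: 'http://localhost:5173', credentials: true })` hard-codes a development origin for credentialed requests; reading the allowed origin from configuration avoids someone later widening it to get production working. `loginSecret` is read from `SESSION_SECRET` with no visible check that it is set, and the `session({...})` options start outside the hunk, so confirm that startup fails when the variable is missing.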
@ -26,12 +26,11 @@ router.get('/user', async function (req, res, next) {
|
||||
})
|
||||
|
||||
router.post('/login', async function (req, res, next) {
|
||||
const body = JSON.parse(JSON.stringify(req.body));
|
||||
const body = req.body;
|
||||
if (!StringUtils.isNotEmpty(body)) {
|
||||
res.json({ ret_code: -1, ret_msg: '登录失败' });
|
||||
return res.json({ ret_code: -1, ret_msg: '登录失败' });
|
||||
}
|
||||
const account = body.account;
|
||||
const password = body.password;
|
||||
const { account, password } = body;
|
||||
|
||||
if (account === '' || account === undefined || account === null) {
|
||||
return res.json({ ret_code: -1, ret_msg: '没有填写账号' });
|
||||
@ -54,17 +53,12 @@ router.post('/login', async function (req, res, next) {
|
||||
return res.json({ ret_code: -1, ret_msg: '登录失败' });
|
||||
}
|
||||
req.session.account = account;
|
||||
console.log(req.session.account);
|
||||
res.json({ ret_code: 0, ret_msg: '登录成功' });
|
||||
});
|
||||
});
|
||||
|
||||
router.get('/logout', async function (req, res, next) {
|
||||
console.log(req.session);
|
||||
console.log(req.sessionID);
|
||||
console.log(req.session.account);
|
||||
console.log(req.session.cookie);
|
||||
res.json({ ret_code: 1, ret_msg: '成功' });
|
||||
res.json({ ret_code: 1, ret_msg: '退出登录成功' });
|
||||
});
|
||||
|
||||
module.exports = router;
|
||||
|
||||
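Review bot: The `/logout` handler in the second hunk now returns `退出登录成功` without touching the session, so `req.session.account` stays set and the same cookie keeps passing the new `aopMiddleware` check after the user has "logged out". Destroy the session before responding, as in the sketch below, which assumes the `session` middleware in app.js is express-session. Logout changes state, so POST would suit it better than GET. In the login handler, `req.session.account = account;` is assigned on the pre-login session id, and calling `req.session.regenerate` before the assignment would close the session-fixation gap. The login handler's credential check lies between the two hunks and is not visible here.

```javascript
router.get('/logout', function (req, res, next) {
  // Drop the server-side session so the old cookie no longer authenticates.
  req.session.destroy(function (err) {
    if (err) {
      return next(err);
    }
    res.json({ ret_code: 1, ret_msg: '退出登录成功' });
  });
});
```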
@ -1,10 +1,12 @@
|
||||
exports.aopMiddleware = function (req, res, next) {
|
||||
console.log(req.url);
|
||||
console.log(req.method);
|
||||
|
||||
if (req.session) {
|
||||
|
||||
}
|
||||
|
||||
if (req.url === '/login') {
|
||||
next();
|
||||
} else {
|
||||
if (req.session.account === undefined) {
|
||||
res.status('404').json({ error: 'Acess is denied' });
|
||||
} else {
|
||||
next();
|
||||
}
|
||||
}
|
||||
}
|
||||
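Review bot: `aopMiddleware` dereferences `req.session.account` without a guard, and the `if (req.session) { }` block above it is empty, so a request that arrives with no session attached throws a TypeError instead of being denied cleanly. The denial itself uses `res.status('404')`, a string status that also hides an authentication failure as "not found", and the message is misspelled `Acess`. The exact match `req.url === '/login'` includes the query string, so `/login?next=/` would be treated as a protected route. I would write the body as `if (req.path === '/login') return next();` then `if (!req.session || req.session.account === undefined) return res.status(401).json({ error: 'Access is denied' });` then `next();`. The two `console.log` calls duplicate what `logger('dev')` in app.js already prints and can go.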