1.
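/**
 * Sign the current user out.
 *
 * Clears the auth cookie, destroys the server-side session, and redirects to
 * the site root only once the destroy has finished. An error reported by
 * `req.session.destroy` is passed to `next` instead of being ignored, so a
 * failed logout is not shown to the user as a successful one.
 *
 * @param {object} req - request carrying the session to destroy
 * @param {object} res - response used to clear the cookie and redirect
 * @param {Function} next - error handler continuation
 */
exports.signout = function (req, res, next) {
  // Remove the client-side credential first so it is dropped even when the
  // destroy call below reports an error.
  // NOTE(review): clearCookie only removes the cookie when path/domain match
  // the options used when it was set; '/' is assumed here, so confirm it
  // against the code that sets config.auth_cookie_name.
  res.clearCookie(config.auth_cookie_name, { path: '/' });

  // Wait for the destroy callback before answering; redirecting earlier would
  // hide a failure to invalidate the server-side session.
  req.session.destroy(function (err) {
    if (err) {
      return next(err);
    }
    res.redirect('/');
  });
};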
退出登录的时候,需要销毁session,并且清除cookie.
2. 处理登录页面的GET请求时,我们需要把来源页面(referer)保存到session中.
/**
 * Render the sign-in page and record the Referer header in the session.
 *
 * The Referer header is supplied by the client and is stored unmodified.
 * NOTE(review): the code that later reads `_loginReferer` is not visible
 * here; if it is used as a redirect target after login, confirm that it is
 * restricted to same-site paths before redirecting.
 *
 * @param {object} req - request providing `headers.referer` and `session`
 * @param {object} res - response used to render the 'sign/signin' view
 */
exports.showLogin = function (req, res) {
  const { referer } = req.headers;
  req.session._loginReferer = referer;
  res.render('sign/signin');
};
3. 在给前台返回req的时候,我们需要明白
// Attach the user object to the session. This stores a reference to `user`,
// not a copy.
req.session.user = user;
// Because the session holds the same object, deleting these fields from
// `user` also removes them from `req.session.user` (presumably the password
// hash and its salt, judging by the names).
// NOTE(review): this relies on `user` being a plain object. If it is a
// database model/document instance, `delete` may not strip the field from
// what gets serialized; confirm against the caller, which is not visible
// here.
delete user.userPass;
delete user.userSalt;