1 var express = require('express'); 2 var cookieParser = require('cookie-parser'); 3 var bodyParser = require('body-parser'); 4 var app = express(); 5 app.use(bodyParser.json()); 6 app.use(bodyParser.urlencoded({ extended: false })); 7 app.use(cookieParser()) 8 9 10 var sessions = { }; 11 var key = ' session_id '; 12 var EXPIRES = 20 * 60 * 1000; 13 var generate = function(){ 14 var session = {}; 15 session.id = (new Date().getTime() + Math.random()); 16 session.cookie = { 17 expire : new Date().getTime() + EXPIRES 18 } 19 sessions[session.id] = session; 20 return session; 21 } 22 23 24 app.use("/",function(req, res,next){ 25 26 var id = req.cookies.id; 27 if(!id){ 28 console.log("无ID"); 29 req.session = generate(); 30 console.log(req.session); 31 }else{ 32 console.log("有ID"); 33 var session = sessions[id]; 34 if(session){ 35 console.log("有session"); 36 req.session = session; 37 }else{ 38 req.session = generate(); 39 } 40 } 41 res.setHeader('Set-Cookie',['id='+req.session.id,'aaa="bbbb"','path=/', 'max-age=360000','expires='+req.session.cookie.expire]); 42 next() 43 44 }); 45 app.get("/",function(req,res){ 46 if(!req.session.isvist){ 47 req.session.isvist = true; 48 res.send("第一次登陆") 49 }else{ 50 console.log(sessions) 51 res.send("再次登陆") 52 } 53 }) 54 55 app.listen(8080);
修正后:将app.use(“/”)改为app.use("*")
var express = require('express'); var cookieParser = require('cookie-parser'); var bodyParser = require('body-parser'); var app = express(); var user = require('./modules/user'); app.use(bodyParser.json()); app.use(bodyParser.urlencoded({ extended: true })); app.use(cookieParser()); console.log(user); var sessions = { }; var key = ' session_id '; var EXPIRES = 20 * 60 * 1000; var generate = function(){ var session = {}; session.id = (new Date().getTime() + Math.random()); session.cookie = { expire : new Date().getTime() + EXPIRES } sessions[session.id] = session; return session; } //通过中间件实现在每一个路由中都生成session app.use("*",function(req, res,next){ req.aa = "aaaaa"; var id = req.cookies.id; if(!id){ console.log("无ID"); req.session = generate(); console.log(req.session); }else{ console.log("有ID"); var session = sessions[id]; if(session){ console.log("有session"); req.session = session; }else{ req.session = generate(); } } res.setHeader('Set-Cookie',['id='+req.session.id,'aaa="bbbb"','path=/', 'max-age=360000','expires='+req.session.cookie.expire]); next() }); app.get("/",function(req,res){ if(!req.session.isvist){ req.session.isvist = true; res.send("第一次登陆") }else{ console.log(sessions) res.send("再次登陆") } }) app.get('/a',function(req,res){ }) app.listen(8080);
基本逻辑就是,用户进入路由先判断cookie中有没有ID;
没有Id的话生成一个新的session;
有ID的话根据ID去内存或数据库查找session
若没有session生成一个新的session;
若有session查看其过期时间,若过期生成新的session
若没有过期,更新其时间;
最后将session赋值给req.session;
这样在其他路由里就可以访问session了,并且req.session可以挂载任何属性,比方说用户登录后将用户信息挂载到req.session上