整体还是用connect框架实现的,用表单提交数据,服务器端form-data的获取方法在前一章有讲到。每次登录验证它的session.logged_in是否是真,如果不为真,则显示表单进行登陆验证,否则显示已登录
session.js
var connect=require('connect')
,cookieSession=require('cookie-session')
,users=require('./users')
,morgan = require('morgan')
,multipart = require('connect-multiparty');
var server=connect()
.use(cookieSession({
name:'session',
keys: ['key1','key2'],
maxAge:1000*30
}))
.use(morgan())
.use(multipart())
.use(function(req,res,next){
if('/'==req.url&&req.session['logged_in']==true){
console.log('relogging')
res.writeHead(200,{'Content-Type':'text/html'})
res.end(`<h1>welcome back,<b>${req.session['name']}</b></h1><p><a>log Out</a></p>`)
}else{
next()
}
})
.use(function(req,res,next){
if('/'==req.url&&req.method=="GET"){
console.log(req.session['logged_in'])
res.writeHead(200,{'Content-type':'text/html'})
res.end(`<form action="/login" method="POST" enctype="multipart/form-data">
<fieldset>
<p>
<span>username</span>
<input type="text" name="username"/>
</p>
<p>
<span>password</span>
<input type="password" name="password"/>
</p>
<input type="submit" name="submit" value="submit"/>
</fieldset>
</form>
`)
}
else{
next()
}
})
.use(function(req,res,next){
if(req.url=="/login"&&req.method=="POST"){
//console.log(req.body)
res.writeHead(200)
if(req.body.password!=users[req.body.username].password||!users[req.body.username].password){
res.end('Wrong password')
}else{
req.session.logged_in=true
req.session['name']=users[req.body.username].name
res.end('Authenticated')
}
}else{
next()
}
})
.use(function(req,res,next){
if('/logout'==req.url&&req.method=="GET"){
req.session['logged_in']=false;
res.writeHead(200)
res.end("Logged out")
}else{
next()
}
})
server.listen(3000)
刷新后session居然没保存上,还有待改进.... 问了下师兄,发现是一个之前一直忽视的问题:req要写在res之前。我真蠢,真的。 好了现在就对了。
.use(function(req,res,next){
if(req.url=="/login"&&req.method=="POST"){
//console.log(req.body)
if(req.body.password!=users[req.body.username].password||!users[req.body.username].password){
res.writeHead(200)
res.end('Wrong password')
}else{
req.session.logged_in=true
req.session['name']=users[req.body.username].name
res.writeHead(200)
res.end('Authenticated')
}
}else{
next()
}
})