Simple use of sessions in Nodejs and methods for Identity Authentication through sessions, nodejssession

Simple use of sessions in Nodejs and methods for Identity Authentication through sessions, nodejssession

The session does not need to be described in detail, so that an http can correspond to an end user.

The essence of session is implemented using cookies.

The principle is probably: http brings the server to set the cookie in advance, the server gets the cookie indicating the user's identity, and then retrieves the corresponding user identity from a fixed location (Database, file. Assign the identity value to the request of this request, and the user's identity will be known in the process. (It is automatically implemented in PHP, ASP, or other server languages)

Implement cookie

You need to set a cookie that can identify the user for each user. You can use the following rules:

The MD5 value of the registered email address + the MD5 value of the password + the MD5 value of the random code. (For example, this may not be a good solution)

Server code snippet:

res.setHeader("Set-Cookie", ["sid="+newUser.toCookie()+";path=/;domain="+config.domain+";expires="+new Date("2030") ]); 

Cookie

sid=275fccab7935736ff68c95c3ddbfaaee|275fccab7935736ff68c95c3ddbfaaee|275fccab7935736ff68c95c3ddbfaaee 

Use cookies to get user identities and set sessions

All requests for non-static resources are directed here for processing. Obtain the cookie, split the cookie, and search for qualified users in the database. Finally, use next to jump to the next request logic.

The next request logic directly uses req. session. user to obtain the user object.

session:function(req, res, next){req.session = {};if( req.cookies && req.cookies.sid ){var a = req.cookies.sid.split("|");var hexMail = a[0];var hexPwd = a[1];var hexRandom = a[2];UserModel.hexFind(hexMail, hexPwd, hexRandom, function( status ){//console.log("hexFind", status );if(status.code == "0"){//req.cookiesSelecter = cookiesSelecter;req.session.user = status.result;}next();});}else{next();} }

Let's talk about nodejs's Identity Authentication through session.

Nodejs express session Authentication

1) Introduction module

var session = require('express-session');var cookieParser = require('cookie-parser');

2) apply cookies and sessions

app.use(cookieParser());app.use(session({resave: true, // don't save session if unmodifiedsaveUninitialized: false, // don't create session until something storedsecret: 'love'}));

3) Application Authentication during request

App. use (function (req, res, next) {if (! Req. session. user) {if (req. url = "/login") {next (); // if the requested address is a logon address, the next request is sent.} else {res. redirect ('/login');} else if (req. session. user) {next ();}});

4) login Design

app.get('/login',function(req,res){res.render("login");});app.post('/login',function(req,res){if(req.body.username=="love" && req.body.password=="love"){var user = {'username':'love'};req.session.user = user;res.redirect('/admin/app/list');}else{res.redirect('/login');}});app.get('/logout',function(req,res){req.session.user = null;res.redirect('/login');});

Articles you may be interested in:

• Use Session and Javascript in PHP to implement the File Upload progress bar Function
• Php uses a two-dimensional session array instance
• Share Sessions Using jquery
• Using session in php to prevent users from logging on to the background illegally
• Client Session usage in Node. js Programming
• Simple tutorial on using Node. js in Mac OS