Sessions need no introduction: they let each HTTP request be associated with one end user.
At their core, sessions are implemented using cookies.
The principle is roughly this: each HTTP request carries a cookie that the server set in advance. The server reads the cookie that indicates the user's identity, then goes to a fixed location (database, file) to retrieve the corresponding user. It attaches that identity to the current request, so the user's identity is known while the program handles it. (PHP, ASP and other server-side languages implement this for you automatically.)
Implement cookies
A cookie that identifies the user needs to be set for each user. You can use the following rule:
MD5 value of registered email + MD5 value of password + MD5 value of random code. (Just an example; this may not be a good solution.)
Server-side code snippet:
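    res.setHeader("Set-Cookie", [
        "sid=" + newUser.toCookie() +
        ";path=/;domain=" + config.domain +
        // the Expires attribute expects an HTTP date, so format it with toUTCString()
        ";expires=" + new Date("2030").toUTCString()
    ]);

The resulting cookie:

    sid=275fccab7935736ff68c95c3ddbfaaee|275fccab7935736ff68c95c3ddbfaaee|275fccab7935736ff68c95c3ddbfaaee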
Use cookies to obtain user identity and set up session
Route all requests for non-static resources through this handler. It gets the cookie, splits it and finds the matching user in the database. Finally, it calls next to move on to the next request logic.
The next request logic can then use req.session.user directly to obtain the user object.
    session: function(req, res, next) {
        req.session = {};
        if (req.cookies && req.cookies.sid) {
            // sid has the form md5(email)|md5(password)|md5(random)
            var a = req.cookies.sid.split("|");
            var hexMail = a[0];
            var hexPwd = a[1];
            var hexRandom = a[2];
            UserModel.hexFind(hexMail, hexPwd, hexRandom, function(status) {
                //console.log("hexFind", status );
                // code "0" means a matching user was found
                if (status.code == "0") {
                    //req.cookiesSelecter = cookiesSelecter;
                    req.session.user = status.result;
                }
                next();
            });
        } else {
            next();
        }
    }
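An alternative to the email/password-derived sid and the lookup middleware above, as an added example that is not part of the original post: the cookie carries only a random identifier and the server keeps the mapping to the user, so the cookie reveals nothing about the password and can be expired or revoked. The in-memory Map, the 30-minute lifetime and all function names are assumptions for illustration, and the Secure attribute assumes the site is served over HTTPS.

```javascript
const crypto = require("crypto");

const SESSION_TTL_MS = 30 * 60 * 1000; // assumed 30-minute lifetime
const store = new Map();               // in-memory stand-in for the user database

// Keep only a hash of the ID server-side, so a leaked store yields no usable cookies.
const keyFor = (sid) => crypto.createHash("sha256").update(sid).digest("hex");

// After a successful login: create the record and return the Set-Cookie value.
function createSession(user, now = Date.now()) {
  const sid = crypto.randomBytes(32).toString("hex"); // random, unrelated to email or password
  store.set(keyFor(sid), { user, expires: now + SESSION_TTL_MS });
  return "sid=" + sid + "; Path=/; Max-Age=" + SESSION_TTL_MS / 1000 +
    "; HttpOnly; Secure; SameSite=Lax";
}

// Extract the sid value from a Cookie request header, or null if absent.
function readSid(cookieHeader) {
  for (const part of (cookieHeader || "").split(";")) {
    const [name, ...rest] = part.trim().split("=");
    if (name === "sid") return rest.join("=");
  }
  return null;
}

// Map a Cookie header to a user; malformed, unknown or expired IDs give null.
function lookupSession(cookieHeader, now = Date.now()) {
  const sid = readSid(cookieHeader);
  if (!sid || !/^[0-9a-f]{64}$/.test(sid)) return null;
  const entry = store.get(keyFor(sid));
  if (!entry) return null;
  if (entry.expires <= now) { store.delete(keyFor(sid)); return null; }
  return entry.user;
}

// Logout: remove the server-side record so the cookie value stops working.
function destroySession(cookieHeader) {
  const sid = readSid(cookieHeader);
  return sid ? store.delete(keyFor(sid)) : false;
}

// Same shape as the page's session() middleware; reads the raw Cookie header.
function sessionMiddleware(req, res, next) {
  req.session = {};
  const user = lookupSession(req.headers.cookie);
  if (user) req.session.user = user;
  next();
}
```

Calling createSession() again at login, rather than reusing an ID the browser already holds, gives every login a fresh identifier.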
Next, let me talk about how Node.js implements identity authentication through sessions.
Node.js Express session authentication
1) Import module
    var session = require('express-session');
    var cookieParser = require('cookie-parser');
2) Apply cookie and session
    app.use(cookieParser());
    app.use(session({
        resave: false, // don't save session if unmodified
        saveUninitialized: false, // don't create session until something stored
        secret: 'love' // key used to sign the session ID cookie; use a long random value in real deployments
    }));
3) When requesting, apply authentication
    app.use(function(req, res, next) {
        if (!req.session.user) {
            if (req.url == "/login") {
                next(); // if the requested URL is the login page, let it through to the next handler
            } else {
                res.redirect('/login');
            }
        } else if (req.session.user) {
            next();
        }
    });
4) Login design
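    // req.body is only populated if a body-parsing middleware (e.g. express.urlencoded()) is registered
    app.get('/login', function(req, res) {
        res.render("login");
    });

    app.post('/login', function(req, res) {
        if (req.body.username == "love" && req.body.password == "love") {
            var user = {'username': 'love'};
            req.session.user = user; // marks this session as authenticated
            res.redirect('/admin/app/list');
        } else {
            res.redirect('/login');
        }
    });

    app.get('/logout', function(req, res) {
        req.session.user = null; // clear the user so the authentication check redirects to /login
        res.redirect('/login');
    });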