发表新帖
发表新帖

Express change session every request

后端 未结
关注
5 1846
夕颜
夕颜 2021-02-11 01:52

I have a function to login

app.post(\'/doLogin\', function(req,res){
        db.users.findOne({username: req.body.username}, function(err, user) {
            if
5条回答
  • 小蘑菇
    小蘑菇 (楼主)
    2021-02-11 02:21

    Express-session uses the cookie to set or get the session id from the client

    as stated on the documentation

    Please note that secure: true is a recommended option. However, it requires an https-enabled website, i.e., HTTPS is necessary for secure cookies. If secure is set, and you access your site over HTTP, the cookie will not be set.

    Remember the below points:

    • If you are not hosting on HTTPS connection cookie secure flag should be set to false.

    • If the you are using a proxy thats hosted on the HTTPS you should set trust proxy to 1. Refer the documentation

    Below option will resolve the issue of session ID reset for every request

    cookie: { secure: false }

    for example:

    app.use(session({
  // your settings
  cookie: { secure: false }
}))

    0 讨论(0)
 看不清?
提交回复
热议问题