当我有以下内容时, session 会持续存在并且页面会计算访问次数。
app.set('trust proxy', true)
// The documentation specifies '1' instead of 'true'
app.use(session({
secret: 'my secret',
proxy: true,
resave: false,
saveUninitialized: true,
cookie: { secure: false }
}))
app.listen(3000, function(){
console.log("Server is connected!");
});
app.get("/login", (req, res) => {
if(req.session.page_views){
req.session.page_views++;
res.send("You visited this page " + req.session.page_views + " times");
} else {
req.session.page_views = 1;
res.send("Welcome to this page for the first time!");
}
});
但是,当我删除
app.listen(3000, ...)
而是在 localhost
中运行通过命令firebase serve
在 CLI 中, session 不会持久化。我还尝试通过
firebase deploy
在生产环境中运行但是,同样, session 不会持续存在。我在
app.use(session({
上尝试了多个选项我相信解决方案可能就在那里。有什么建议吗?
更新
const express = require('express');
const session = require('express-session');
const FirestoreStore = require('firestore-store')(session);
const bodyParser = require('body-parser');
app.use(cookieParser('My secret'));
app.use(bodyParser.urlencoded({ extended: true }));
app.use(session({
store: new FirestoreStore({
database: firebase.firestore()
}),
secret: 'My secret',
resave: true,
saveUninitialized: true,
cookie: {maxAge : 60000,
secure: false,
httpOnly: false }
}));
最佳答案
我会建议一些东西,而不是使用这个 FirestoreStore , 我建议你用这个FirebaseStore .
我注意到您使用的是 Express,因此您可能需要检查以下用法:
表达
注意 :在 Express 4 中,必须将 express-session 传递给函数 connect-session-firebase 导出以扩展 express-session.Store:
const express = require('express');
const session = require('express-session');
const FirebaseStore = require('connect-session-firebase')(session);
const firebase = require('firebase-admin');
const ref = firebase.initializeApp({
credential: firebase.credential.cert('path/to/serviceAccountCredentials.json'),
databaseURL: 'https://databaseName.firebaseio.com'
});
express()
.use(session({
store: new FirebaseStore({
database: ref.database()
}),
secret: 'keyboard cat'
resave: true,
saveUninitialized: true
}));
您可能还想真正考虑 安全 由该依赖项提供
If you use a publicly available Firebase Database, please set proper rules:
{
"rules": {
".read": "false",
".write": "false",
"sessions": {
".read": "false",
".write": "false"
},
"some_public_data": {
".read": "true",
".write": "auth !== null"
}
}
}
您可以阅读更多关于 Firebase rules 的信息和 connect-session-firebase
关于javascript - Express session 不适用于 Firebase 托管,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/51119547/