节点JSredirect给了我一堆html文本
想问一个关于nodeJSredirect和可能呈现的问题。
app.js
在我的app.js中,我有这些代码,运行良好。
app.get('/dashboard', routes.dashboard); app.get('/error/404', error.notFound);
那么,进一步深入的方法
error.notFound
当你从URL中加载它时,它也可以工作得很好
exports.illegal = function(req, res){ var authLevel = ''; var entityName = ''; var entityId = ''; var deviceId = ''; if (req.session.authorizationLevel) authLevel = req.session.authorizationLevel; if (req.session.name) entityName = req.session.name; if (req.session.entityId) entityId = req.session.entityId; if (req.session.deviceId) deviceId = req.session.deviceId; res.render('error/illegal', { title: 'Illegal' , viewClass: 'illegal' , ngController : '' , entityName : entityName , entityId : entityId , deviceId : deviceId , authorizationLevel : authLevel }); };
routes.dashboard
当你从URL中加载它时,它也可以工作得很好
exports.dashboard = function(req, res){ //Method for authorization, see below. This is giving me error. authorizationHelper.authorizationLevels(req, res, 400); var authLevel = ''; var entityName = ''; var entityId = ''; var deviceId = ''; if (req.session.authorizationLevel) authLevel = req.session.authorizationLevel; if (req.session.name) entityName = req.session.name; if (req.session.entityId) entityId = req.session.entityId; if (req.session.deviceId) deviceId = req.session.deviceId; res.render('dashboard', { title: 'Dashboard' , viewClass: 'dashboard' , ngController: 'dashboardController' , entityName : entityName , entityId : entityId , deviceId : deviceId , authorizationLevel : authLevel }); };
这是棘手的部分,给了我一些错误。
//Method for authorization, see below. This is giving me error. authorizationHelper.authorizationLevels(req, res, 400);
authorizationHelper
此方法将检查用户是否被允许查看页面,否则将redirect
exports.authorizationLevels = function(req, res, levelRequired){ if (req.session.authorizationLevel < levelRequired || !req.session.authorizationLevel){ //user is not allowed to view the page, redirect to illegal page res.redirect('/error/401'); } }
问题是,从顶部到这个res.redirect('/ error / 401')的一切工作正常,有时,在服务器上,它不会呈现页面,而是将呈现一大堆HTML文本和一些头! !
请帮忙!
你可以改变
exports.authorizationLevels = function(req, res, levelRequired) { if (req.session.authorizationLevel < levelRequired || !req.session.authorizationLevel){ //user is not allowed to view the page, redirect to illegal page res.redirect('/error/401'); } }
至
exports.authorizationLevels = function(req, res, levelRequired) { if (req.session.authorizationLevel < levelRequired || !req.session.authorizationLevel){ //user is not allowed to view the page, redirect to illegal page res.redirect('/error/401'); return false; } return true; }
和
authorizationHelper.authorizationLevels(req, res, 400);
至
if (!authorizationHelper.authorizationLevels(req, res, 400)) return;
这将防止未经授权的访问您的仪表板呈现。
另外,你也可以考虑集中你的error handling,这样你只需要安装一个error handling中间件( (err, req, res, next)
),然后在那里做错误模板渲染你的路由处理程序),除非你想让他们在浏览器中看到/error/401
和这样的URL。