在node.js中堆叠路由
var express = require('express'); var router = express.Router(); router.use(function(req, res, next){ console.log(req.user) if(!req.user){ res.redirect('/login'); }else{ res.locals.username = req.user.username; return next(); } }); //this won't work router.get('/register', function(req, res, next) { res.render('register'); }); 第一块是有道理的,它的工作,我可以有一个受保护的路线login系统。 但在同一时间,它毁了我的第二个位,它会显示login页面尽pipe我试图让nagivate本地主机:3000 /注册。
当你使用router.use()你告诉路由器在所有下一个roter.get()路由中使用该函数中间件。 所以在这里,顺序是有道理的。 如果你关心秩序,你可以做些什么@bloodyKnuckles做的。 或者,如果你想保持你的路线的模式,你可以做到以下几点:
// Routes that don't need authorization like register router.get('home',...); router.get('register',...); // Use your authorization middleware router.use(function(req, res, next){ console.log(req.user) if(!req.user){ res.redirect('/login'); }else { res.locals.username = req.user.username; return next(); } }); // At this point you're using the authorization middleware. // Any routes declared from here will call authorization middleware before its handler. router.get('profile', ...);
使用快速路由中间件选项来区分受保护的路由和不受保护的路由。
// unprotected routes (no auth middleware) router.get('/login', function(req, res, next) { res.render('login'); }); router.get('/register', function(req, res, next) { res.render('register'); }); // protected route (see auth middleware here) router.get('/userinfo', authorize, function(req, res, next) { res.render('userinfo'); }); function authorize (req, res, next){ console.log(req.user) if(!req.user){ res.redirect('/login'); }else{ res.locals.username = req.user.username; return next(); } }
只将您的授权中间件包含在受保护的路由中:
router.get(path, [middleware (optional),] callback)