如何与socket.io捆绑快速会话
如何使用socket.io将expression式4中的会话关联起来,这样会话数据既可以被检索到,也可以被双向保存。
socket.io中的身份validation是基于标记的jwt
相同的套接字在多个虚拟主机中共享
例如:
global.socket.of('/secure').on('connection', function(socket){ console.log('client connected to "secure" socket'); });
app.js
var port = 3000, jwtSecret = '26fed98d8c6c7c54f485f1ee7ffe44d2e1feae28'; var app = require('express')(), vhost = require('vhost'), server = require('http').createServer(app), socketioJwt = require('socketio-jwt'); // Start server with socket.io global.socket = require('socket.io').listen(app.listen(port, function(){ console.log('Express server listening on port '+port); })); // Socket authentication global.socket.set('authorization', socketioJwt.authorize({ secret: jwtSecret, handshake: true })); // Virtual hosts app.use(vhost('secure.domain.com', require('./vhost/secure')(jwtSecret)));
虚拟主机/ secure.js
var express = require('express'), http = require('http'), jwt = require('jsonwebtoken'); function Host(jwtSecret){ var app = express(); // Session app.use(require('cookie-parser')()); app.use(require('express-session')({ secret: '0a6e0caf5477cee686726ad06284309eb4a580e4', key: 'express.sid', cookie: { maxAge : 1000*60*10 } })); // HTTP 200 app.get('/', function(req, res){ res.end('helle world!'); }); app.post('/login', function(req, res){ var profile = { id: 1, name: 'username' }; var token = jwt.sign(profile, jwtSecret, {expiresInMinutes: 60}); res.json({token: token}); }); global.socket.of('/secure').on('connection', function(socket){ console.log('client connected to "secure" socket'); socket.on('disconnect', function(){ console.log('client disconnected from "secure" socket'); }); }); return http.createServer(app); } module.exports = Host;
- nodejs sessionStore与cloudant app.use不一致的执行
- 基于令牌的身份validation和浏览器上的会话/本地存储
- 是node.js Express.cookieSession足够安全地保存敏感数据?
- 如何在express,couchDB和node.js中使用会话
- loginTwitter OAuth没有会话aka token_secret(AngularJS失败)
- Node Express – req.cookies和req.session.cookie之间的区别
- 如何仅在经过身份validation时才给予会话? 任何其他中间件订单将无法正常工作
- 在Express.js中不能使用connect-redis
- Passport.js twitter身份validation导致500错误,req.session未定义