How to use session to Control the access of NodeJS Interface

problem description

how can I deny access to an interface other than login if it is known that the request does not contain session,?
the front-end framework uses Vue

the environmental background of the problems and what methods you have tried

the method I use is to clear a cookie field, and the front end determines that if it doesn"t have this field, it jumps to the login page, but the interface is actually accessible. How to control in the background that users cannot access interfaces other than login if they do not log in? 

if (!requestData.SESSION().user) {
    res.clearCookie("user", {"max-age":0});
    res.setHeader("Set-Cookie", "user=true;path=/;max-age=0;");
    // res.setHeader("Set-Cookie", "isVisit=true;path=/;max-age=0;");
    // res.json({message: "please signin"})
}

related codes

/ / Please paste the code text below (do not replace the code with pictures)

what result do you expect? What is the error message actually seen?

1. How to control in the background that users cannot access interfaces other than login if they do not log in?
2. Another question is, how can you clear more than one Cookie at a time in the background?

Session node.js
Apr.02,2021

use express?

if so, add a routing middleware directly in front of all requests to intercept. If there is no such SESSION, then directly error or other processing, do not go down the next to execute.

of course, it doesn't matter if you don't use express. The reason is the same. You can intercept requests beforehand. 

app.use((res, res, next) => {
    if (!requestData.SESSION().user){
        next('...')
    }else{
        next()
    }
})

after pondering and consulting others, put the
written by yourself and encapsulate it under server

. 
if (!requestData.SESSION().user && controller.auth > 1) { // req  session  auth   
    res.setHeader('Set-Cookie', ['user=true;path=/;max-age=0;', 'access=0;path=/;max-age=0;']); // cookie
    responseData.renderJSON({code: 403, msg: 'do not have permission'}) // 403 
}

Previous: After reading the throttling code implemented by others, I don't understand the meaning of this,arguments in this closure. Please give me some advice.

Next: Js different callback setting variables report error

css mysql arrays josn react html typescript webpack npm sass R objective-c .net sql-server jquery python-3.x angularjs django angular excel regex iphone ajax linux xml pandas vba spring database wordpress string wpf xcode windows bash postgresql oracle multithreading eclipse list firebase algorithm macos forms image scala visual-studio azure bootstrap spring-boot react-native python-2.7 docker performance function winforms matlab powershell apache dataframe api sqlite numpy rest shell selenium flutter dart maven loops qt swing android-studio csv express file class tensorflow sorting codeigniter perl
© 2021 CodesHelper
Advertising Contact us About us
Menu