我正在使用 Parse.com 和 nodejs 进行用户身份验证,但每个人都是同一个用户
I am using Parse.com and nodejs for user authentication, but everyone is the same user
我正在使用 node parse package 在服务器上执行用户身份验证。但是,一旦单个用户登录,该网站的每个访问者都将作为该用户进行身份验证。
由于 parse 和 nodejs 的性质,parse 以这样一种方式存储用户,即它是通过您的节点实例而不是客户端进行身份验证的。要解决此问题,请使用 parse、会话和 Parse 用户对象中的 .become() 方法提供的用户令牌。
我选择使用 cookie-session 进行会话。
当您的用户登录时:
parse = require('parse').Parse
parse.initialize([ your key ], [ your other key ])
parse.User.logIn(req.body.username, req.body.password, {
success: function(user) {
req.session.token = user._sessionToken
[ whatever you want to do here]
},
error: function(error) {
[ handle your error ]
}
})
每次加载页面时:
app.use(function(req, res, next) {
parse = require('parse').Parse
parse.initialize([ your key ], [ your other key ])
parse.User.become(req.session.token ? req.session.token: "gibberish").then(function(user) { // If null is passed to .become() it will assume current(), which we don't want
[ user is now the client authenticated user ]
})
})
注销:
parse = require('parse').Parse
parse.initialize([ your key ], [ your other key ])
parse.User.logOut()
req.session = null
比照。 https://parse.com/docs/hosting_guide#webapp-users
User Session Management
You can add Parse.User authentication and session management to your Express app using the parseExpressCookieSession middleware. You just need to call Parse.User.logIn() in Cloud Code, and this middleware will automatically manage the user session for you.
You can use a web form to ask for the user's login credentials, and log in the user in Cloud Code when you receive data from this form. After you call Parse.User.logIn(), this middleware will automatically set a cookie in the user's browser. During subsequent HTTP requests from the same browser, this middleware will use this cookie to automatically set the current user in Cloud Code. This will make ACLs work properly in Cloud Code, and allow you to retrieve the entire current user object if needed. Finally, when you log out a user in Cloud Code by calling Parse.User.logOut(), this middleware will automatically remove the browser cookie. For sample app code, please see the documentation for this middleware.
When you work with user data, you should use HTTPS whenever possible. To protect your app and your users, the parseExpressCookieSession middleware requires you to use HTTPS. For your convenience, we also provide a parseExpressHttpsRedirect middleware for redirecting all HTTP requests to HTTPS. Please see its documentation for details.
我正在使用 node parse package 在服务器上执行用户身份验证。但是,一旦单个用户登录,该网站的每个访问者都将作为该用户进行身份验证。
由于 parse 和 nodejs 的性质,parse 以这样一种方式存储用户,即它是通过您的节点实例而不是客户端进行身份验证的。要解决此问题,请使用 parse、会话和 Parse 用户对象中的 .become() 方法提供的用户令牌。
我选择使用 cookie-session 进行会话。
当您的用户登录时:
parse = require('parse').Parse
parse.initialize([ your key ], [ your other key ])
parse.User.logIn(req.body.username, req.body.password, {
success: function(user) {
req.session.token = user._sessionToken
[ whatever you want to do here]
},
error: function(error) {
[ handle your error ]
}
})
每次加载页面时:
app.use(function(req, res, next) {
parse = require('parse').Parse
parse.initialize([ your key ], [ your other key ])
parse.User.become(req.session.token ? req.session.token: "gibberish").then(function(user) { // If null is passed to .become() it will assume current(), which we don't want
[ user is now the client authenticated user ]
})
})
注销:
parse = require('parse').Parse
parse.initialize([ your key ], [ your other key ])
parse.User.logOut()
req.session = null
比照。 https://parse.com/docs/hosting_guide#webapp-users
User Session Management
You can add Parse.User authentication and session management to your Express app using the parseExpressCookieSession middleware. You just need to call Parse.User.logIn() in Cloud Code, and this middleware will automatically manage the user session for you.
You can use a web form to ask for the user's login credentials, and log in the user in Cloud Code when you receive data from this form. After you call Parse.User.logIn(), this middleware will automatically set a cookie in the user's browser. During subsequent HTTP requests from the same browser, this middleware will use this cookie to automatically set the current user in Cloud Code. This will make ACLs work properly in Cloud Code, and allow you to retrieve the entire current user object if needed. Finally, when you log out a user in Cloud Code by calling Parse.User.logOut(), this middleware will automatically remove the browser cookie. For sample app code, please see the documentation for this middleware.
When you work with user data, you should use HTTPS whenever possible. To protect your app and your users, the parseExpressCookieSession middleware requires you to use HTTPS. For your convenience, we also provide a parseExpressHttpsRedirect middleware for redirecting all HTTP requests to HTTPS. Please see its documentation for details.