0
AdonisJsフレームワークを使用して、複数のユーザーの認証ページを開発しています。このページでは、ユーザーが認証されたときにのみプロファイルを表示できるようになります。しかし、Adonisは現在、アプリケーションに接続しているすべてのユーザー間でセッションを共有しています。したがって、誰かが一度ログインすると、そのプロファイルは誰でも有効になります。AdonisJsの共有セッション
'use strict'
class UserController {
* login (request, response) {
const email = request.input('email')
const password = request.input('password')
const login = yield request.auth.attempt(email, password)
if (login) {
response.send('Logged In Successfully')
return
}
response.unauthorized('Invalid credentails')
}
* profile (request, response) {
const user = yield request.auth.getUser()
if (user) {
response.ok(user)
return
}
response.unauthorized('You must login to view your profile')
\t }
}以下に設定/ auth.jsするconfig
'use strict'
const Config = use('Config')
module.exports = {
/*
|--------------------------------------------------------------------------
| Authenticator
|--------------------------------------------------------------------------
|
| Authenticator is a combination of HTTP Authentication scheme and the
| serializer to be used for retrieving users. Below is the default
| authenticator to be used for every request.
|
| Available Schemes - basic, session, jwt, api
| Available Serializers - Lucid, Database
|
*/
authenticator: 'session',
/*
|--------------------------------------------------------------------------
| Session Authenticator
|--------------------------------------------------------------------------
|
| Session authenticator will make use of sessions to maintain the login
| state for a given user.
|
*/
session: {
serializer: 'Lucid',
model: 'App/Model/User',
scheme: 'session',
uid: 'email',
password: 'password'
},
/*
|--------------------------------------------------------------------------
| Basic Auth Authenticator
|--------------------------------------------------------------------------
|
| Basic Authentication works on Http Basic auth header.
|
*/
basic: {
serializer: 'Lucid',
model: 'App/Model/User',
scheme: 'basic',
uid: 'email',
password: 'password'
},
/*
|--------------------------------------------------------------------------
| JWT Authenticator
|--------------------------------------------------------------------------
|
| Jwt authentication works with a payload sent with every request under
| Http Authorization header.
|
*/
jwt: {
serializer: 'Lucid',
model: 'App/Model/User',
scheme: 'jwt',
uid: 'email',
password: 'password',
secret: Config.get('app.appKey')
},
/*
|--------------------------------------------------------------------------
| API Authenticator
|--------------------------------------------------------------------------
|
| Api authenticator authenticates are requests based on Authorization
| header.
|
| Make sure to define relationships on User and Token model as defined
| in documentation
|
*/
api: {
serializer: 'Lucid',
model: 'App/Model/Token',
scheme: 'api'
}
}以下れるコンフィグ/ database.js
あります
'use strict'
const Env = use('Env')
const Helpers = use('Helpers')
module.exports = {
/*
|--------------------------------------------------------------------------
| Default Connection
|--------------------------------------------------------------------------
|
| Connection defines the default connection settings to be used while
| interacting with SQL databases.
|
*/
connection: Env.get('DB_CONNECTION', 'pg'),
/*
|--------------------------------------------------------------------------
| Sqlite
|--------------------------------------------------------------------------
|
| Sqlite is a flat file database and can be good choice under development
| environment.
|
| npm i --save sqlite3
|
*/
sqlite: {
client: 'sqlite3',
connection: {
filename: Helpers.databasePath('development.sqlite')
},
useNullAsDefault: true
},
/*
|--------------------------------------------------------------------------
| MySQL
|--------------------------------------------------------------------------
|
| Here we define connection settings for MySQL database.
|
| npm i --save mysql
|
*/
mysql: {
client: 'mysql',
connection: {
host: Env.get('DB_HOST', 'localhost'),
user: Env.get('DB_USER', 'root'),
password: Env.get('DB_PASSWORD', ''),
database: Env.get('DB_DATABASE', 'adonis')
}
},
/*
|--------------------------------------------------------------------------
| PostgreSQL
|--------------------------------------------------------------------------
|
| Here we define connection settings for PostgreSQL database.
|
| npm i --save pg
|
*/
pg: {
client: 'pg',
connection: {
host: Env.get('DB_HOST', 'localhost'),
user: Env.get('DB_USER', 'correctuser'),
password: Env.get('DB_PASSWORD', 'correctpassword'),
database: Env.get('DB_DATABASE', 'correctdb')
}
}
}
私はちょうどadonisが合法的に見えると思っています..私はadonisのために急行を急ぐように感じます:D – MilkyWayJoe