0
ユーザーが正常に認証され、ダッシュボードにリダイレクトされたときに、7つのajax http要求を作成するこの単一ページアプリケーションがあります。ユーザーがパスポートを認証し、セッションが作成されると、ダッシュボードにリダイレクトされます。ダッシュボードがロードされると、サーバーに7つのajaxコールが送信され、ユーザーデータが取得されます。localhostでは、このアプリケーションはリモートクラウドサーバー、スマートパッドまたはWindows 10のようなアンドロイドデバイスを使用してサイトを訪問する場合、期待どおりに動作しますが、ダッシュボードへの認証とリダイレクトが成功した後のWindows 7および8では、ユーザーデータを取得すると思われるAJAX呼び出しは機能しません。私がリモートサーバ上のreq.userをコンソールすると、そのエンドポイント内で定義されていないと言われます。セッションが設定されていないか破棄されているようです。ここでエクスプレスセッションは、localhost、androidデバイス、Windows 10およびWindows 7または8で異なって動作します
はコード
'use strict';
require('dotenv').config();
var express = require('express');
var path = require("path");
var multer = require('multer');
var bodyParser = require('body-parser');
var router = express.Router();
var session = require('express-session');
var passport = require('passport');
var flash = require('connect-flash');
var cookieParser = require("cookie-parser");
var MongoDBStore = require('connect-mongodb-session')(session);
var configuration = function (app,model) {
\t //config
\t var storeDB = process.env.MONGODB_ADDON_URI || "mongodb://127.0.0.1:27017/mydb";
var store = new MongoDBStore(
{
uri: storeDB,
collection: 'mySessions'
});
app.use('/assets',express.static(__dirname + '/public'));
//middleware
app.use(cookieParser('anything'));
app.use(session({
secret: 'anything',
store: store,
resave: true, \t
saveUninitialized: true,
cookie: {
httpOnly: true,
\t originalMaxAge: 35999998,
path: "/",
}
}));
\t
app.use(passport.initialize());
app.use(passport.session());
app.use(flash()); \t \t
app.use(bodyParser.urlencoded({ extended: false }));
app.use(bodyParser.json());
app.use(multer({dest: './uploads'}).any());
app.use(function(req, res, next) {
res.header('Access-Control-Allow-Credentials', true);
res.header('Access-Control-Allow-Origin', req.headers.host);
res.header('Access-Control-Allow-Methods', 'GET,PUT,POST,DELETE');
res.header('Access-Control-Allow-Headers', 'X-Requested-With, X-
HTTP-Method-Override, Content-Type, Accept');
if ('OPTIONS' == req.method) {
res.send(200);
} else {
\t next();
}
});
passport.serializeUser(function(user, done) {
done(null, user._id);
});
passport.deserializeUser(function(id, done) { \t \t \t
model.user.findById(id, function(err, user) {
\t done(err, user);
});
});
app.set('view engine', 'ejs');
app.set('views', __dirname + '/views'); \t
app.use('/',router);
}
module.exports = {
configuration: configuration,
router: router,
passport: passport \t
}
//the login strategy
"use strict";
var LocalStrategy = require("passport-local").Strategy;
var path = require('path');
var config = require('./config');
var salt = require('./salt');
var router = config.router;
var passport = config.passport;
passport.use('user-login', new LocalStrategy({
usernameField : 'email',
passwordField : 'password',
passReqToCallback : true
},
function (req, email, password, done) {
// find a user whose email is the same as the forms email
// we are checking to see if the user trying to login already exists
model.user.findOne({ email : email }, function(err, user) {
// if there are any errors, return the error before anything else
if (err) {
return done(err);
}
// if no user is found, return the message
if (!user) {
return done(null, false, req.flash('loginMessage', 'No user found.'));
// req.flash is the way to set flashdata using connect-flash
}
// if the user is found but the password is wrong
if (!salt.isValidPassword(user,password)) {
return done(null, false, req.flash('loginMessage', 'Oops! Wrong password.')); // create the loginMessage and save it to session as flashdata
}
return done(null, user);
});
}));
router.post('/user/login', passport.authenticate('user-login', {
successRedirect : '/dashboard', // redirect to the secure profile section
failureRedirect : '/failed', // redirect back to the signup page if there is an error
failureFlash : true // allow flash messages
}));
router.get('/dashboard',function(req,res){
if(req.user){
model.user.findOne({user_id: req.user.user_id},
{presence:1,set_presence:1}).exec(function(err,data){
data.presence = true;
data.set_presence.general = true;
data.save(function(err,info){
console.log("presence is true");
});
});
res.json({
isLoggedIn: true,
typeOfUser: req.user.type,
firstname: req.user.firstname,
lastname:req.user.lastname,
phone: req.user.phone,
email: req.user.email,
title: req.user.title,
user_id: req.user.user_id,
balance: req.user.ewallet.available_amount,
profile_pic_url: req.user.profile_pic_url
});
} else {
res.redirect("/login");
}
});
router.get("/dashboard/patient",function(req,res){
if(req.user){
res.render("patient",{"userInfo": req.user});
} else {
res.redirect('/login');
}
});
router.get('/failed',function(req,res){
res.send(false);
})
//route
//user getting the available on the dashboard balance route.
router.get('/dashboard/:userId/get-balance',function(req,res){
console.log(req.user) //undefined
if(req.user){
model.user.findOne({user_id: req.params.userId},{ewallet:1},function(err,wallet){
if(err) throw err;
res.send({balance: wallet.ewallet.available_amount})
})
} else {
res.send("Unauthorized access!!!")
}
});
//Angular code
app.controller('loginController',["$scope","$http","$location","$window","$resource","ModalService","templateService","localManager",
"$rootScope","mySocket",function($scope,$http,$location,$window,$resource,ModalService,templateService,localManager,$rootScope,mySocket) {
$scope.login = {};
$scope.error = "";
$scope.send = function(){
var login = $resource('/user/login',null,{logPerson:{method:"POST",headers:{withCredentials: true}}});
login.logPerson($scope.login,function(data){
console.log(data)
localManager.setValue("resolveUser",data);
//$rootScope.balance = data.balance;
if (data.isLoggedIn) {
//user joins a room in socket.io and intantiayes his own socket
switch(data.typeOfUser) {
case "Patient":
createAwareness(data)
$window.location.href = '/dashboard/patient';
break;
case "Doctor":
createAwareness(data)
$window.location.href = "/dashboard/doctor";
break;
case "Pharmacy":
$window.location.href = "/medical-center/pharmacy";
break;
default:
$window.location.href = "/medical-center/view";
break;
}
} else {
$scope.error = "Email or Password incorrect!";
}
});
}
//this updates the current availability of user in real time.
function createAwareness(data) {
mySocket.emit("set presence",{status:"online",userId:data.user_id},function(response){
if(response.status === true){
if(data.typeOfUser === "Doctor"){
mySocket.emit("doctor connect",{userId:data.user_id});
} else if(data.typeOfUser === "Patient") {
mySocket.emit("patient connect",data);
}
}
});
}
}]);
//one of the ajax get requests made from within dashboard as the page loads.
app.controller("balanceController",["$rootScope","$resource","localManager",function($rootScope,$resource,localManager){
var user = localManager.getValue("resolveUser");//this was set in the login controller
var amount = $resource('/dashboard/:userId/get-balance',{userId: user.user_id});
var wallet = amount.get(null,function(data){
console.log(data) //"unauthorized access !!!"
var format = "N" + data.balance.toString().replace(/\B(?=(\d{3})+(?!\d))/g, ",");
$rootScope.balance = format;
})
}]);
<!-- login form -->
<form>
<input type="text" placeholder="Email" ng-model = "login.email" style="border: 1px solid rgba(0,255,0,0.8)">
<input type="password" placeholder="Password" ng-model = "login.password" style="border: 1px solid rgba(0,255,0,0.8);margin: 10px 0px">
<div style="text-align: center">
\t <button class="btn btn-login" ng-click="send()" style="color: #fff;">LOGIN</button>
</div>
</form>