我有一个简单的express
应用程序,它使用session
中间件和passport-local
中间件。然后我使用share.js
withbrowserchannel
通过share.listen(stream)将数据流式传输到服务器。全部与此处的文档一致。
我的问题是我无法访问流中的会话数据(由本地护照修改并包含登录的用户 ID)。我需要它能够在client.on('message', function(data) {..});中限制/授予访问权限 基于一些逻辑,但最重要的是检查消息是否来自登录用户。在那里,如果我尝试读取 ID,它将与 req.user._id 中的潜在内容不同。似乎 share.js 或 browserchannel 使用了一些不同的会话,也许?
这是代码:
var app = express();
var express = require('express');
...
// SETUP AND INIT
app.use(cookieParser());
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({
extended: true,
limit: 1024 * 1024 * 10
}));
app.use(methodOverride());
app.use(session({
secret: global.CONFIG.session.secret,
maxAge: new Date(Date.now() + 1000 * 60 * 60 * 24 * 2),
store: new MongoStore(global.CONFIG.mongo),
resave: true,
saveUninitialized: true
}));
app.use(express.static(__dirname + '/build'));
app.use(passport.initialize());
app.use(passport.session());
app.use(flash());
// Create the sharejs server instance.
var backend = livedb.client(livedbMongo(global.CONFIG.mongo.url, false));
var share = sharejs.server.createClient({
db: backend
});
app.use(browserChannel(function(client) {
var stream = new Duplex({objectMode: true});
stream._write = function(chunk, encoding, callback) {
if (client.state !== 'closed') {
client.send(chunk);
}
callback();
};
stream._read = function() {
};
stream.headers = client.headers;
stream.remoteAddress = stream.address;
client.on('message', function(data) {
console.log(client.id) // <- I wish it was the same as in req.user._id..
stream.push(data);
});
stream.on('error', function(msg) {
client.stop();
});
client.on('close', function(reason) {
stream.emit('close');
stream.emit('end');
stream.end();
});
// Actually pass the stream to ShareJS
share.listen(stream);
}));