我在删除或替换使用登录路径设置的 cookie 时遇到困难。每当我登录时,cookie 都已正确设置,但是当我单击注销时,我似乎无法替换 cookie。我已经尝试过res.clearCookies,它也不起作用。我真的不确定出了什么问题。
这是我的主要应用程序文件
app.use(cookieParser());
app.use(express.json());
app.use(express.urlencoded({ extended: true }));
app.use((req: Request, res: Response, next: NextFunction) => {
res.setHeader("Access-Control-Allow-Origin", "http://localhost:4200");
res.setHeader("Access-Control-Allow-Credentials", "true");
res.setHeader(
"Access-Control-Allow-Methods",
"GET, POST, PUT, PATCH, DELETE"
);
res.setHeader("Access-Control-Allow-Headers", "Content-Type, Authorization");
next();
});
我有一个看起来像这样的登录代码片段,
export const login = (req: Request, res: Response, next: NextFunction) => {
const email = req.body.email;
const password = req.body.password;
db.getDB()
.db()
.collection("users")
.findOne<User>({ email: email })
.then((user) => {
if (!user) {
return res.status(400).json({ message: "Email is not registered!" });
}
bcrypt.compare(password, user.password).then((correctPassword) => {
if (correctPassword) {
const userInfo = {
userRef: user.userRef,
role: user.role,
};
const accessToken = generateAccessToken(userInfo);
const refreshToken = jwt.sign(userInfo, REFRESH_TOKEN, {
expiresIn: "6h",
});
res.cookie("Refresh Token", refreshToken, {
httpOnly: true,
sameSite: "strict",
path: "/",
});
res.cookie("Access Token", accessToken, {
httpOnly: true,
sameSite: "strict",
path: "/",
});
res.status(200).json({ message: "Cookies have been set!" });
} else {
res.status(401).json({ message: "Password is wrong!" });
}
});
})
.catch((err) => next(err));
};
和一个看起来像这样的注销片段
export const logout = (req: Request, res: Response, next: NextFunction) => {
res.cookie("Refresh Token", "x", {
httpOnly: true,
sameSite: "strict",
path: "/",
expires: new Date(1),
});
res.cookie("Access Token", "a", {
httpOnly: true,
sameSite: "strict",
path: "/",
expires: new Date(1),
});
res.status(200).json({ message: "Logged out succesfully." });
};