2015-11-08 43 views

我用 Node.js 和 Angular.js 實現了基於令牌的登錄和註銷功能,並把令牌保存在瀏覽器的 window 存儲中。

問題是:註銷時只會註銷當前這一個瀏覽器;而登錄時,程序無法識別我是否已經登錄。我想我必須擴展我的程序。

我的問題是如何刪除我登錄的每個打開的瀏覽器的存儲?或者我可以在我的代碼中詢問我是否已登錄,我怎麼能這樣做?

在此先感謝!

Node.js的CODE

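/**
 * POST /logout
 *
 * Verifies the JWT sent in the request body, checks that the user it names
 * still exists, and answers with an empty 200 response on success.
 *
 * Every failure path now sends a response (400 / 401 / 500). Previously a
 * failed verification dereferenced an undefined `decoded`, the fallback
 * branch called the non-existent `Console.log`, and the remaining error
 * paths left the request hanging without a reply.
 *
 * NOTE(review): this handler keeps no server-side record of issued tokens,
 * so a token stays acceptable to jwt.verify until it expires. Logging a user
 * out of every browser requires server-side state (for example a per-user
 * token version or a denylist) that is checked on each authenticated request.
 */
app.post('/logout', function(req, res) {
  var token = req.body && req.body.token;

  // Reject anything that is not a non-empty string before it reaches the JWT library.
  if (typeof token !== 'string' || token.length === 0) {
    return res.status(400).json({ success: false, message: 'Token is required.' });
  }

  // NOTE(review): the signing secret is hard-coded in source; it should be
  // loaded from configuration kept out of version control, and it must match
  // the secret used by the /login handler.
  // Pinning the algorithm stops the token header from choosing how it is verified.
  jwt.verify(token, 'secretKey', { algorithms: ['HS256'] }, function(verifyErr, decoded) {
    if (verifyErr || !decoded || decoded._id == null) {
      console.log('Could not logout');
      return res.status(401).json({ success: false, message: 'Invalid token.' });
    }

    User.findOne({ _id: decoded._id }, function(findErr, user) {
      if (findErr) {
        console.log('Error occured', findErr);
        return res.status(500).json({ success: false, message: 'Internal error.' });
      }
      if (!user) {
        return res.status(401).json({ success: false, message: 'Invalid token.' });
      }
      res.end();
    });
  });
});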

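/**
 * POST /login
 *
 * Looks the user up by e-mail, checks the submitted password against the
 * stored bcrypt hash and, on success, answers with `{ token, email }`.
 *
 * Changes from the original handler:
 *  - every path sends a response (the error, unknown-user and missing-password
 *    branches used to leave the request hanging);
 *  - failed authentication answers 401 instead of 200, so a client that only
 *    checks the status code no longer treats a wrong password as a login;
 *  - unknown e-mail and wrong password return the same message, so the
 *    response does not reveal which accounts exist;
 *  - e-mail and password must be strings, which keeps query-operator objects
 *    out of the database query and non-strings out of bcrypt;
 *  - the token payload is limited to `_id` and `email`. Signing the whole user
 *    record put the password hash into the token, and a JWT payload is only
 *    encoded, not encrypted;
 *  - the issued token is no longer written to the log.
 */
app.post('/login', function(req, res) {
  var email = req.body && req.body.email;
  var password = req.body && req.body.password;

  if (typeof email !== 'string' || typeof password !== 'string') {
    return res.status(400).json({
      success : false,
      message : 'E-mail and password are required.'
    });
  }

  User.findOne({ email : email }, function(err, user) {
    if (err) {
      console.log('Error occured', err);
      return res.status(500).json({ success : false, message : 'Internal error.' });
    }

    // Same reply for "no such user" and "wrong password".
    if (!user || !bcrypt.compareSync(password, user.password)) {
      console.log('Authentication failed.');
      return res.status(401).json({
        success : false,
        message : 'Authentication failed.'
      });
    }

    // NOTE(review): the signing secret is hard-coded in source; it should be
    // loaded from configuration kept out of version control, and it must match
    // the secret used by the /logout handler.
    var token = jwt.sign({ _id : user._id, email : user.email }, 'secretKey', {
      expiresInMinutes : 60 // expires in 60 minutes
    });

    res.json({ token : token, email : user.email });
    console.log('Token created & sent to Client(UserCtrlLogin)');
  });
});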

ANGULAR.js代碼

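/**
 * UserCtrlLogin: sign-in and sign-out actions for the login view.
 *
 * The token is kept in sessionStorage, which is scoped to a single tab or
 * window. Removing it here therefore only affects the current tab; other
 * tabs and browsers keep their own copy until the server stops accepting it.
 *
 * NOTE(review): `$rootScope.isAlive` and `$rootScope.ali` only drive what the
 * UI shows. They are set from client-side data and can be changed by the
 * user, so the server has to authorize every request on its own.
 */
app.controller('UserCtrlLogin', function($scope, $http, $window, $location, $rootScope) {

  // Drops the stored token and resets both UI flags.
  function clearSession() {
    $window.sessionStorage.removeItem('token');
    $rootScope.isAlive = false;
    $rootScope.ali = false;
  }

  /**
   * Tells the server about the logout and clears the local session.
   * The local state is cleared whether or not the request succeeds, so a
   * server error can no longer leave the token behind in storage.
   */
  $scope.logout = function() {
    var storedToken = $window.sessionStorage.getItem('token');

    // Nothing to send: just make sure the local state is clean.
    if (!storedToken) {
      clearSession();
      return;
    }

    $http.post('/logout', { token : storedToken })
      .success(clearSession)
      .error(clearSession);
  };

  /**
   * Posts the credentials from the form and stores the returned token.
   * The user is marked as logged in only when the response actually carries
   * a token; a 200 reply without one is treated as a failed login.
   */
  $scope.signin = function() {
    var formData = {
      email : $scope.email,
      password : $scope.password
    };

    $http.post('/login', formData).success(function(data, status) {
      if (status !== 200 || !data || !data.token) {
        clearSession();
        return;
      }

      $rootScope.ali = (data.email == "[email protected]");
      $rootScope.isAlive = true;

      $window.sessionStorage.setItem('token', data.token);
      console.log("Token saved into Storage from Server(Node.js function /login)");
    }).error(function() {
      // Called when the request fails or the server answers with an error status.
      clearSession();
    });
  };

});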

回答

1

您需要把令牌保存在數據庫中:在某個瀏覽器登錄或註銷時,把令牌標記爲有效/無效;在其他瀏覽器中,則需要由後端檢查令牌的狀態。

P.s.請參閱satellizer,這只是我對前端驗證模塊的建議。