Express.js sessions are persisting between users on different machines on seperate networks?
I'm having a problem with Express under Node.js. I'm trying to use sessions to store auth details when a user logs in. The problem I'm having is that once one user is logged in, any other visitors are also logged in under the same user, even if they are on a seperate machine on a seperate network.
It appears to me that it's working more like an application data store than a session store. Am I doin开发者_运维技巧g something wrong? Seems to me like I'm doing something stupid somewhere!
I'm using this code in app.configure:
app.use(express.cookieParser());
app.use(express.session({secret: 'supersecretkeygoeshere'}));
And I'm getting and setting my session variables like this:
var user = express.session.userId;
Cheers,
Nathan
That's not how you use sessions, use the session var on a request object:
app.get('/login', function(req, res){
user = loadUser(req.body.username, req.body.password)
req.session.userId = user.id
})
see docs: http://expressjs.com/guide.html#session-support
Hope that helps :D
精彩评论