在nodejs+express中,采用nodejs后端路由控制用戶登錄后,為了加強前端的安全性控制,阻止用戶通過在瀏覽器地址欄中輸入地址訪問后台接口,在app.js中需要加入攔截器進行攔截:
/*************************導入需要的包************************************************/
var express = require('express'); var path = require('path'); var favicon = require('serve-favicon'); var logger = require('morgan'); var cookieParser = require('cookie-parser');//1、引入cookie模塊,攔截器中req.cookies.userCookies是依賴於該模塊的; var bodyParser = require('body-parser'); var ejs=require("ejs");
/**************************設置nodejs路由對應的文件***************************/
var index = require('./routes/index');
var ccap=require('./routes/ccap');
var jiami=require("./routes/jiami");
var changePwd=require('./routes/changePwd');
var login=require("./routes/login");
var business=require("./routes/pay/business");
var logs=require("./routes/pay/logs");
var channel=require("./routes/pay/channel");
var config=require("./routes/pay/config");
/******************express配置模板視圖**********************************/
var app = express();
// view engine setup app.set('views', path.join(__dirname, 'views')); //app.set('view engine', 'ejs');//設置視圖為ejs引擎 app.engine('html',ejs.__express); //設置視圖為html引擎,ejs在頁面仍然可用 app.set('view engine', 'html');//設置視圖為html引擎,ejs在頁面仍然可用
/******************引入要使用的模塊**********************************************/
// uncomment after placing your favicon in /public
//app.use(favicon(path.join(__dirname, 'public', 'favicon.ico')));
app.use(logger('dev'));
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: false }));
app.use(cookieParser());//2、引入cookie,h后可開始使用cookie模塊獲取客戶端的cookies;
app.use(express.static(path.join(__dirname, 'public')));
/*************************登錄攔截器**************************************/
app.use(function (req, res, next) {
var url = req.originalUrl;//獲取瀏覽器中當前訪問的nodejs路由地址;
var userCookies=req.cookies.userCookies; //獲取客戶端存取的cookie,userCookies為cookie的名稱;
//有時拿不到cookie值,可能是因為攔截器位置放錯,獲取該cookie的方式是依賴於nodejs自帶的cookie模塊,
//因此,獲取cookie必須在1,2步之后才能使用,否則拿到的cookie就是undefined.
console.log("123"+url);
console.log("app獲得cookie"+req.cookies.userCookies+"真假11111:"+(req.cookies.userCookies==undefined));
if(url=='/login'&&!(userCookies==undefined)){ //通過判斷控制用戶登錄后不能訪問登錄頁面;
return res.redirect('/');//頁面重定向;
}
next();
});
/*********************************node路由配置**********************************/
app.use('/', index);
app.use('/ccap',ccap);
app.use("/app/jiami",jiami);
app.use("/login",login);
app.use("/changePwd",changePwd);
app.use("/business",business);
app.use("/logs",logs);
app.use("/channel",channel);
app.use("/config",config);
/*******************************捕獲異常***********************************/
// catch 404 and forward to error handler
app.use(function(req, res, next) {
var err = new Error('Not Found');
err.status = 404;
next(err);
});
// error handlers
// development error handler
// will print stacktrace
if (app.get('env') === 'development') {
app.use(function(err, req, res, next) {
res.status(err.status || 500);
res.render('error', {
message: err.message,
error: err
});
});
}
// production error handler
// no stacktraces leaked to user
app.use(function(err, req, res, next) {
res.status(err.status || 500);
res.render('error', {
message: err.message,
error: {}
});
});
module.exports = app;