node.js - 无法从 ExpressJS res.locals.connection.query() 语句中设置变量
问题描述
我正在尝试创建一个单点登录功能,该功能检查是否已配置用户,并创建用户或使用最新信息更新数据库。
我已经让更新/插入工作,但现在我无法从查询中返回用户 ID(uid 或 UserID)。
我已经在该部分中留下了一些我尝试过的评论。
基本上,执行插入/更新的查询嵌套在另一个内部,即 post_assert 内部。我需要将刚刚配置的用户的 iresults.insertId 值和来自第一级查询的 results[0].nid 的结果保存到“cookieData”数组中。
现在,我正在获取 cookie 的其余部分(名字、姓氏、用户名、电子邮件、wwwid、国家和地理位置,但对于我来说,在它被发送回之前无法将 cookieData.userid 属性添加到其中到浏览器。
这是一个将数据发送回 VueJS 应用程序的 expressJS REST API。
我已经尝试过回调以及全局变量,但似乎没有任何东西可以将新值添加到数组中。
sp.post_assert(idp, options, function (err, saml_response) {
if (err)
res.redirect('https://www.example.com/');
var sessionID = saml_response.response_header.id;
setCookie(res, req, sessionID);
var refererLocation = req.cookies.referLocation;
// Set User Data Variables
const firstName = saml_response.user.attributes.givenName;
const middleName = null;
const lastName = saml_response.user.attributes.sn;
const username = saml_response.user.attributes.uid;
const email = saml_response.user.attributes.mail;
const wwid = saml_response.user.attributes.employeeID;
const country = saml_response.user.attributes.country;
const geo = saml_response.user.attributes.geographicRegion;
/*function setCookieData(val) {
cookieData.userid = val;
}*/
// let userid;
// Check if user exists in DB
res.locals.connection.query('SELECT * FROM users WHERE username = ?', [username], function (error, results, fields) {
if (error) throw error;
// Get the Current Date-Time for insertion
const accessDateTime = new Date();
const adtYear = accessDateTime.getFullYear();
const adtMonth = accessDateTime.getMonth() + 1;
const adtDay = accessDateTime.getDate();
const adtHour = accessDateTime.getHours();
const adtMin = accessDateTime.getMinutes();
const adtSec = accessDateTime.getSeconds();
const dts = `${adtYear}-${adtMonth}-${adtDay} ${adtHour}:${adtMin}:${adtSec}`;
// let userid;
// If results is empty, then the user who just logged in does not currently have
// an account provisioned, so set them up an account.
if (!(results.hasOwnProperty(0))) {
res.locals.connection.query('INSERT INTO users SET ?', {first_name: firstName, middle_name: middleName, last_name: lastName, username: username, email: email, status: 1, created: dts, access: dts, login: dts}, function (ierror, iresults, ifields){
if (ierror) throw ierror;
// Set the User Data Cookie
// res.locals.userid = iresults.insertId;
// setUserIdValue(iresults[0].insertId);
// res.clearCookie('UserInfo');
// res.cookie('UserInfo', cookieData);
// cookieData.userid=iresults[0].insertId;
// res.cookie('UserInfo', cookieData);
app.locals.userid = iresults[0].insertId;
});
// Else, the result was NOT empty, then the user already exists in the DB,
// so just update their Access and Login DATETIME fields.
} else {
res.locals.connection.query('UPDATE users SET login = ?, access = ? WHERE uid = ?', [dts, dts, results[0].uid], function (ierror, iresults, ifields){
if (ierror) throw ierror;
// userid = results[0].uid;
// Set the User Data Cookie
// res.locals.userid = results[0].uid;
// setUserIdValue(results[0].uid);
// res.clearCookie('UserInfo');
// res.cookie('UserInfo', cookieData);
// cookieData.userid=results[0].uid;
// res.cookie('UserInfo', cookieData);
app.locals.userid = results[0].uid;
});
}
});
const cookieData = {
firstName: firstName,
lastName: lastName,
username: username,
email: email,
wwid: wwid,
country: country,
geo: geo,
userid: app.locals.userid,
};
res.cookie('UserInfo', cookieData);
//Add saml ID to database with expiration date
if (refererLocation != undefined) {
res.clearCookie("referLocation");
res.redirect('https://www.example.com' + refererLocation);
} else {
res.redirect('https://www.example.com/uri');
}
// Save name_id and session_index for logout
// Note: In practice these should be saved in the user session, not globally.
// name_id = saml_response.user.givenName + "," + saml_response.sn;
// session_index = saml_response.user.session_index;
//var first = saml_response.user.attributes.givenName;
//var last = saml_response.user.attributes.sn;
//res.send("Hello, " + first + " " + last);
});
编辑(2018 年 9 月 11 日)
我已将其分解为最简单的概念,但仍然无法让它将“userid”值返回到 cookie 中。即使将所有内容都设置为 ASYNC 和 AWAIT。
app.post('/api/v1/saml/acs', function (req, res) {
const options = {
request_body: req.body,
allow_unencrypted_assertion: true
};
sp.post_assert(idp, options, async function (err, saml_response) {
if (err)
res.redirect('https://www.example.com/');
const sessionID = saml_response.response_header.id;
const user = saml_response.user.attributes;
// Set User Data Variables
const firstName = user.givenName;
const middleName = null;
const lastName = user.sn;
const username = user.uid;
const email = user.mail;
const wwid = user.employeeID;
const country = user.country;
const geo = user.geographicRegion;
app.locals.UserData = {
firstName: firstName,
lastName: lastName,
username: username,
email: email,
wwid: wwid,
country: country,
geo: geo,
// userid: '',
};
// Check if user exists in DB
await res.locals.connection.query('SELECT * FROM users WHERE username = ?', [app.locals.UserData.username], async function (error, results, fields) {
if (error) throw error;
// Get the Current Date-Time for insertion
const accessDateTime = new Date();
const adtYear = accessDateTime.getFullYear();
const adtMonth = accessDateTime.getMonth() + 1;
const adtDay = accessDateTime.getDate();
const adtHour = accessDateTime.getHours();
const adtMin = accessDateTime.getMinutes();
const adtSec = accessDateTime.getSeconds();
const dts = `${adtYear}-${adtMonth}-${adtDay} ${adtHour}:${adtMin}:${adtSec}`;
// If results is empty, then the user who just logged in does not currently have
// an account provisioned, so set them up an account.
if (!(results.hasOwnProperty(0))) {
await res.locals.connection.query('INSERT INTO users SET ?', {first_name: app.locals.UserData.firstName, middle_name: app.locals.UserData.middleName, last_name: app.locals.UserData.lastName, username: app.locals.UserData.username, email: app.locals.UserData.email, status: 1, created: dts, access: dts, login: dts}, async function (ierror, iresults, ifields){
if (ierror) throw ierror;
app.locals.UserData.userid = 22;
// app.locals.UserData.userid = iresults.insertID;
});
} else {
await res.locals.connection.query('UPDATE users SET login = ?, access = ? WHERE uid = ?', [dts, dts, results[0].uid], async function (ierror, iresults, ifields){
if (ierror) throw ierror;
app.locals.UserData.userid = 44;
// app.locals.UserData.userid = results[0].uid;
});
}
});
// Set User Session Cookie
res.cookie('UserData', app.locals.UserData);
// Set SAML Session Cookie
setCookie(res, req, sessionID);
// Get the referrer location
var refererLocation = req.cookies.referLocation;
// If it is undefined, then send the user back to where they started the Sign On process.
if (refererLocation != undefined) {
res.clearCookie("referLocation");
res.redirect('https://www.example.com' + refererLocation);
} else {
res.redirect('https://www.example.com/uri');
}
});
});
对 dmfay 的回应
我相信我已经听从了你的建议,但它仍然没有返回 'userid' 属性。
我已将“下一个”参数添加到
app.post('/api/va/saml/acs', function (){...});
并在末尾添加了一个“next()”调用
sp.post_assert(idp, options, async function(...){
// logic here with nested calls trying to update app.locals.UserData
next();
});
我还尝试了 post_assert 之外的“next()”调用,我收到了这条消息:
Error [ERR_HTTP_HEADERS_SENT]: Cannot set headers after they are sent to the client
请参阅下面的更新代码。
app.post('/api/v1/saml/acs', function (req, res, next) {
const options = {
request_body: req.body,
allow_unencrypted_assertion: true
};
sp.post_assert(idp, options, async function (err, saml_response) {
if (err)
res.redirect('https://www.example.com/');
const sessionID = saml_response.response_header.id;
const user = saml_response.user.attributes;
// Set User Data Variables
const firstName = user.givenName;
const middleName = null;
const lastName = user.sn;
const username = user.uid;
const email = user.mail;
const wwid = user.employeeID;
const country = user.country;
const geo = user.geographicRegion;
app.locals.UserData = {
firstName: firstName,
lastName: lastName,
username: username,
email: email,
wwid: wwid,
country: country,
geo: geo,
// userid: '',
};
// Check if user exists in DB
await res.locals.connection.query('SELECT * FROM users WHERE username = ?', [app.locals.UserData.username], async function (error, results, fields) {
if (error) throw error;
// Get the Current Date-Time for insertion
const accessDateTime = new Date();
const adtYear = accessDateTime.getFullYear();
const adtMonth = accessDateTime.getMonth() + 1;
const adtDay = accessDateTime.getDate();
const adtHour = accessDateTime.getHours();
const adtMin = accessDateTime.getMinutes();
const adtSec = accessDateTime.getSeconds();
const dts = `${adtYear}-${adtMonth}-${adtDay} ${adtHour}:${adtMin}:${adtSec}`;
// If results is empty, then the user who just logged in does not currently have
// an account provisioned, so set them up an account.
if (!(results.hasOwnProperty(0))) {
await res.locals.connection.query('INSERT INTO users SET ?', {first_name: app.locals.UserData.firstName, middle_name: app.locals.UserData.middleName, last_name: app.locals.UserData.lastName, username: app.locals.UserData.username, email: app.locals.UserData.email, status: 1, created: dts, access: dts, login: dts}, async function (ierror, iresults, ifields){
if (ierror) throw ierror;
app.locals.UserData.userid = 22;
// app.locals.UserData.userid = iresults.insertID;
});
} else {
await res.locals.connection.query('UPDATE users SET login = ?, access = ? WHERE uid = ?', [dts, dts, results[0].uid], async function (ierror, iresults, ifields){
if (ierror) throw ierror;
app.locals.UserData.userid = 44;
// app.locals.UserData.userid = results[0].uid;
});
}
});
// Set User Session Cookie
res.cookie('UserData', app.locals.UserData);
// Set SAML Session Cookie
setCookie(res, req, sessionID);
// Get the referrer location
var refererLocation = req.cookies.referLocation;
// If it is undefined, then send the user back to where they started the Sign On process.
if (refererLocation != undefined) {
res.clearCookie("referLocation");
res.redirect('https://www.example.com' + refererLocation);
} else {
res.redirect('https://www.example.com/uri');
}
next();
});
});
工作代码
谢谢 DMFAY 和 BennetQuigley。此问题已得到解决。
工作解决方案在下面评论。
app.post('/api/v1/saml/acs', function (req, res, next) {
const options = {
request_body: req.body,
allow_unencrypted_assertion: true
};
sp.post_assert(idp, options, function (err, saml_response) {
if (err)
res.redirect('https://www.example.com/');
// Get the Sessions ID
const sessionID = saml_response.response_header.id;
// Set the returned User Info to a Variable
const user = saml_response.user.attributes;
// Set the app.locals.UserData variable
app.locals.UserData = {
firstName: user.givenName,
middleName: null,
lastName: user.sn,
username: user.uid,
email: user.mail,
wwid: user.employeeID,
country: user.country,
geo: user.geographicRegion,
};
// Check if user exists in DB
res.locals.connection.query('SELECT * FROM users WHERE username = ?', [app.locals.UserData.username], function (error, results, fields) {
if (error) throw error;
// Get the Current Date-Time for Insert/Update of user logon history
const accessDateTime = new Date();
const adtYear = accessDateTime.getFullYear();
const adtMonth = accessDateTime.getMonth() + 1;
const adtDay = accessDateTime.getDate();
const adtHour = accessDateTime.getHours();
const adtMin = accessDateTime.getMinutes();
const adtSec = accessDateTime.getSeconds();
const dts = `${adtYear}-${adtMonth}-${adtDay} ${adtHour}:${adtMin}:${adtSec}`;
// If results is empty, then the user who just logged in does not currently have
// an account provisioned, so set them up an account.
if (!(results.hasOwnProperty(0))) {
res.locals.connection.query('INSERT INTO users SET ?', {
first_name: app.locals.UserData.firstName,
middle_name: app.locals.UserData.middleName,
last_name: app.locals.UserData.lastName,
username: app.locals.UserData.username,
email: app.locals.UserData.email,
status: 1,
created: dts,
access: dts,
login: dts
}, function (ierror, iresults, ifields){
if (ierror) throw ierror;
// set the app.locals.UserData.userid value to the newly inserted ID
app.locals.UserData.userid = `["${iresults.insertID}"]`;
// From here to 'next()' has to be repeated in both cases
// 'next()' must be used to return the values and actions to the parent
// Call.
// Set User Session Cookie
res.cookie('UserData', app.locals.UserData);
// Set SAML Session Cookie
setCookie(res, req, sessionID);
// Get the referrer location
var refererLocation = req.cookies.referLocation;
// If it is undefined, then send the user back to where they started the Sign On process.
if (refererLocation != undefined) {
res.clearCookie("referLocation");
res.redirect('https://clpstaging.mcafee.com' + refererLocation);
} else {
res.redirect('https://clpstaging.mcafee.com/clp');
}
// Tell the callback to move forward with the actions.
next();
});
} else {
res.locals.connection.query('UPDATE users SET login = ?, access = ? WHERE uid = ?', [dts, dts, results[0].uid], function (ierror, iresults, ifields){
if (ierror) throw ierror;
// Set the app.locals.UserData.userid to the Users PK
app.locals.UserData.userid = results[0].uid;
// From here to 'next()' has to be repeated in both cases
// 'next()' must be used to return the values and actions to the parent
// Call.
// Set User Session Cookie
res.cookie('UserData', app.locals.UserData);
// Set SAML Session Cookie
setCookie(res, req, sessionID);
// Get the referrer location
var refererLocation = req.cookies.referLocation;
// If it is undefined, then send the user back to where they started the Sign On process.
if (refererLocation != undefined) {
res.clearCookie("referLocation");
res.redirect('https://www.example.com' + refererLocation);
} else {
res.redirect('https://www.example.com/uri');
}
// Tell the callback to move forward with the actions.
next();
});
}
});
});
});
解决方案
您的 post_assert 回调是异步的,但您的路由回调不是,因此路由逻辑在 post_assert 回调完成之前完成。可能您使用 Express 最简单的方法是使用app.post(url, function (req, res, next) {...})
签名并next()
在您完成写入 cookie 并设置重定向后作为 post_assert 回调的最后一步调用。
推荐阅读
- dart - 页面视图生成器;文本在页面视图中重复
- r - 我有数据框时 gvisLineChart 出错
- go - 如何为使用 bazel 构建的 Go 项目设置 vscode?
- sql - Sql server 选择查询的 ids,从 datetime 中按转换日期分组的 ids 计数
- css - 转换 CSS 高度属性会导致 Blisk 中的“摆动”
- microsoft-cognitive - 认知人脸 API 返回 Web 应用程序没有结果
- python - python - 多处理记录失败
- c++ - 在 std::move 之后移动变量是否有效?
- kubernetes - Kubernetes 零停机部署不起作用 - 导致 503 服务暂时不可用
- php - Guzzlehttp\Exception\ConnectionException:cURL 错误 28 在 2851 毫秒后解决超时