node.js - 绕过会话存储将会话直接保存到数据库？

问题描述

我正在使用 SQL Server 作为数据库，但无法让 SQL Server 工作的会话存储 npm 包列出。将 sessionID 直接插入数据库，然后验证客户端发送的 sessionID 与数据库 sessionID 匹配是否有任何问题？我是否需要以某种方式告诉它不要将会话保存在内存中？

const uuidv1 = require('uuid/v1');
const bcrypt = require('bcrypt');

app.use(session({
    genid: uuidv1,
    name: 'session',
    secret: 'thesecretcode',
    resave: false,
    saveUninitialized: false,
    cookie: {
        secure: false, /*no https*/
        httpOnly: true,
        sameSite: true,
        maxAge: 600
    }
}));

app.all('*', requireAuthentication);
function requireAuthentication(req, res, next) {
    console.log(req.sessionID);


    if (req.session.user) {
        req.session.views++;
        console.log(req.session.user)
        res.render('home'); /*when logged in*/

    } else {
        req.session.views = 1;
        req.session.user = 'MrUser';
        next();

    }
}

app.get('/', (req, res) => {
    const saltRounds = 10;
    bcrypt.hash(req.sessionID, saltRounds, function(err, hash) {
        let promise = insert(req.session.user, hash);

    });

    res.render('landing'); /*when not logged in*/
})

function insert(theuser, sessionID) {
    var thequery = "insert into session (sessiondata,sessionid,lasttouchedutc) values(@theuser,@sessionID,getdate())";
    return new Promise(function(resolve, reject) {
        var con = new msSqlConnecter.msSqlConnecter(config);
        con.connect().then(function() {
            new con.Request(thequery)
                .addParam("theuser", TYPES.VarChar, theuser)
                .addParam("sessionID", TYPES.VarChar, sessionID)
                .onComplate(function(count, datas) {
                    resolve(datas);
                    // res.end()
                }).onError(function(err) {
                    console.log(err);
                }).Run();
        }).catch(function(ex) {
            console.log(ex);
        });
    });

}

标签： node.jssql-serverexpresssessionexpress-session