• 前后端分离 ajax 跨域 session 传值 (后端使用 node)


    前端:ajax访问时要加上“xhrFields: {withCredentials: true}” ,实现session可以传递

    后端:Access-Control-Allow-Credentials 设置为 true;同时 Access-Control-Allow-Origin 必须指定 url
     

    npm 安装 express、body-parser、express-session、svg-captcha

    后台代码:

     1 var express = require('express');
     2 var app = express();
     3 var svgCaptcha = require('svg-captcha'); // 动态验证码
     4 var session = require('express-session');
     5 var bodyParser = require('body-parser'); // Express框架请求体解析的中间件
     6 
     7 var urlencodedParser = bodyParser.urlencoded({ extended: false });
     8 
     9 app.use(session({
    10   resave: true, // don't save session if unmodified
    11   saveUninitialized: false, // don't create session until something stored
    12   secret: 'node'
    13 }));
    14 app.use(function (req, res, next) {
    15   // Website you wish to allow to connect
    16   res.setHeader('Access-Control-Allow-Origin', req.headers.origin);
    17   // res.setHeader('Access-Control-Allow-Origin', "*");
    18 
    19   // Request methods you wish to allow
    20   res.setHeader('Access-Control-Allow-Methods', 'GET, POST, OPTIONS, PUT, PATCH, DELETE');
    21 
    22   // Request headers you wish to allow
    23   res.setHeader('Access-Control-Allow-Headers', 'X-Requested-With,content-type');
    24 
    25   // Set to true if you need the website to include cookies in the requests sent
    26   // to the API (e.g. in case you use sessions)
    27   res.setHeader('Access-Control-Allow-Credentials', true);
    28 
    29   // Pass to next layer of middleware
    30   next();
    31 });
    32 
    33 
    34 app.get('/', function (req, res) {
    35   res.send('Hello World');
    36 });
    37 app.post('/trendsCode', urlencodedParser, function (req, res) { 
    38   var code = req.body.code;
    39   if (code) {
    40     var response = {
    41       msg: 'success',
    42       trendsCode: req.session.trendsCode
    43     };
    44     res.send(JSON.stringify(response));
    45   } else {
    46     var codeConfig = {
    47       size: 5, // 验证码长度
    48       noise: 2, // 干扰线条的数量
    49       height: 44
    50     }
    51     var captcha = svgCaptcha.create(codeConfig);
    52     req.session.trendsCode = captcha.text;
    53     res.send(captcha.data);
    54   }
    55 });
    56 
    57 var server = app.listen(8080, function () {
    58   var host = server.address().address
    59   var port = server.address().port
    60 
    61   console.log("应用实例,访问地址为 http://%s:%s", host, port);
    62 });

    前端代码:

     1 <!DOCTYPE html>
     2 <html lang="en">
     3 
     4 <head>
     5   <meta charset="UTF-8">
     6   <meta name="viewport" content="width=device-width, initial-scale=1.0">
     7   <meta http-equiv="X-UA-Compatible" content="ie=edge">
     8   <title>ajax 跨域 session 传值</title>
     9 </head>
    10 
    11 <body>
    12   <h1>trends code</h1>
    13   <div id="code"></div>
    14   <input type="text" id="input">
    15   <input type="button" value="提交" onclick="submit()">
    16 
    17   <script src="./jquery-3.3.1.min.js"></script>
    18   <script>
    19     window.onload = function () {
    20       $.ajax({
    21         url: "http://127.0.0.1:8080/trendsCode",
    22         type: 'POST',
    23         xhrFields: {
    24           withCredentials: true
    25         },
    26         success: function (response) {
    27           // console.log('response--',response);
    28           $('#code').html(response);
    29         },
    30         error: function (error) {
    31           console.log('error--', error)
    32         }
    33       });
    34     };
    35     var submit = function () {
    36       // console.log('submit');
    37       var inputCode = $('#input').val();
    38       $.ajax({
    39         url: "http://127.0.0.1:8080/trendsCode",
    40         data: {
    41           code: inputCode
    42         },
    43         type: 'POST',
    44         xhrFields: {
    45           withCredentials: true
    46         },
    47         success: function (response) {
    48           console.log('response--', response);
    49           // document.write(response);
    50         },
    51         error: function (error) {
    52           console.log('error--', error)
    53         }
    54       });
    55     };
    56   </script>
    57 </body>
    58 
    59 </html>

    前端 xhrFields 的设置(XMLHttpRequest 和 jquery)

     1 // XMLHttpRequest
     2 var xhr = new XMLHttpRequest();
     3 xhr.open('GET', 'http://127.0.0.1:8080/trendsCode');
     4 xhr.withCredentials = true;
     5 xhr.onload = onLoadHandler;
     6 xhr.send();
     7 
     8 // jquery
     9 $.ajax({
    10     url: "http://127.0.0.1:8080/trendsCode",
    11     type: "GET",
    12     xhrFields: {
    13         withCredentials: true
    14     },
    15     success: function (data) {
    16         // do something
    17     }
    18 });

    参考文章: https://blog.csdn.net/jiahao791869610/article/details/79175268

  • 相关阅读:
    2015生命之旅---第三站象山之行
    我的八年程序之路(四)程序路上的新起点
    2015生命之旅---第二站长沙杭州
    2015生命之旅---第一站重庆
    我的八年程序之路(三)为了理想放弃高薪
    锋友分享:国行和非国行iPhone的送修需知
    iPhone被盗后续更新二:被换机!已取机!没扣住新机!怎么找新机呢?事发半年后跟进...
    iPhone被盗后续更新一:怎么找老机
    iPhone被盗后怎么?这篇文章只办针对iOS7后的系统
    四个小诀窍 告诉你雪景怎么拍才能更好看
  • 原文地址:https://www.cnblogs.com/landmass/p/9876842.html
Copyright © 2020-2023  润新知