Node.js 如何在React中持久化用户登录&;Redux,express后端应用程序,带JWT,不带Redux之类的软件包?
所以,这就是我正在做的。当用户登录时,JWT令牌在localStorage中设置。我正在尝试持久化用户登录。登录后,注销按钮会显示在标题上,但如果我刷新,我认为redux存储会被清除。我读了一些关于如何在react中使用jwt令牌验证的文章,以及Node.js 如何在React中持久化用户登录&;Redux,express后端应用程序,带JWT,不带Redux之类的软件包?,node.js,reactjs,express,redux,Node.js,Reactjs,Express,Redux,所以,这就是我正在做的。当用户登录时,JWT令牌在localStorage中设置。我正在尝试持久化用户登录。登录后,注销按钮会显示在标题上,但如果我刷新,我认为redux存储会被清除。我读了一些关于如何在react中使用jwt令牌验证的文章,以及/me路由或App.js本身中的componentDidMount()。任何帮助都将不胜感激 LoginForm.js import React, { Component } from "react" import validator from "va
/me
路由或App.js本身中的componentDidMount()。任何帮助都将不胜感激
LoginForm.js
import React, { Component } from "react"
import validator from "validator"
import { loginUser } from "../actions/index"
import { connect } from "react-redux"
class LoginForm extends Component {
constructor(props) {
super(props)
this.state = {
email: "",
password: ""
}
}
handleChange = (event) => {
const { name, value } = event.target
this.setState({
[name]: value
})
}
handleSubmit = (event) => {
event.preventDefault();
const { email, password } = this.state;
const loginData = {
email: this.state.email,
password: this.state.password
}
if (!email || !password) {
return alert('Email and password are must.');
}
if (password.length < 6) {
return alert('Password must contain 6 characters.');
}
if (!validator.isEmail(email)) {
return alert('Invalid email.');
}
this.props.dispatch(loginUser(loginData))
this.props.history.push("/")
}
render() {
const isAuthInProgress = this.props.auth.isAuthInProgress
return (
<div>
<div className="field">
<p className="control has-icons-left has-icons-right">
<input className="input" onChange={this.handleChange} name="email" value={this.state.email} type="email" placeholder="Email" />
<span className="icon is-small is-left">
<i className="fas fa-envelope"></i>
</span>
<span className="icon is-small is-right">
<i className="fas fa-check"></i>
</span>
</p>
</div>
<div className="field">
<p className="control has-icons-left">
<input className="input" onChange={this.handleChange} name="password" value={this.state.password} type="password" placeholder="Password" />
<span className="icon is-small is-left">
<i className="fas fa-lock"></i>
</span>
</p>
<p className="has-text-danger">Forgot password?</p>
</div>
<div className="field">
<p className="control">
{
isAuthInProgress ? <p>Logging in...</p>
:
<button onClick={this.handleSubmit} className="button is-success">
Login
</button>
}
</p>
</div>
</div >
)
}
}
const mapStateToProps = (state) => {
return state
}
export default connect(mapStateToProps)(LoginForm)
我认为最好的方法是使用饼干
在登录路由中设置cookie
res.cookie("authToken", auth.signToken(email), {
httpOnly: false,
})
然后在react端,您可以使用jscookie
包来检索它,并在后续的身份验证请求中使用它
import Cookies from 'js-cookie';
class SomeComponent extends Component {
constructor(props) {
super(props)
this.state = {
email: "",
password: "",
cookie: Cookies.get('authToken')
}
}
}
我认为最好的方法是使用饼干
在登录路由中设置cookie
res.cookie("authToken", auth.signToken(email), {
httpOnly: false,
})
然后在react端,您可以使用jscookie
包来检索它,并在后续的身份验证请求中使用它
import Cookies from 'js-cookie';
class SomeComponent extends Component {
constructor(props) {
super(props)
this.state = {
email: "",
password: "",
cookie: Cookies.get('authToken')
}
}
}
这种方法不容易受到XSS攻击吗?这种方法不容易受到XSS攻击吗?
res.cookie("authToken", auth.signToken(email), {
httpOnly: false,
})
import Cookies from 'js-cookie';
class SomeComponent extends Component {
constructor(props) {
super(props)
this.state = {
email: "",
password: "",
cookie: Cookies.get('authToken')
}
}
}