var connect = require('connect'),
users = require('./users');//注意这里直接require了json文件 当你只是对外暴露数据的时候 就不需要加上module.exports 直接把数据文件以JSON的形式暴露出来就好
var server = connect(
connect.logger('dev'),
connect.bodyParser(),
connect.cookieParser(),
connect.session({secret: 'my app secret'}),//这句不能少 否则 会报错找不到 req.session.logged_in
function (req, res, next) {
console.log("1");
if ('/' == req.url && req.session.logged_in) {
res.writeHead(200, {'Content-TYpe': 'text/html'});
res.end('Welcome back,<b>' + req.session.name + '</b>.' + '<a href="/logout">Logout</a> ');
}
else {
next();
}
},
function (req, res, next) {
console.log("2");
if (req.url == '/' && 'GET' == req.method) {
res.writeHead(200, {'Content-TYpe': 'text/html'});
res.end([
'<form action="/login" method="POST">',
'<fieldset>',
'<legend>Please Log In</legend>',
'<p>User:<input type="text" name="user"></p>',
'<p> Password:<input type="password" name="password"></p>',
'<button>Submit</button>',
'</fieldset>',
'<form>'
].join(''));
}
else
next();
},
//检查登录信息是否与用户凭证匹配
function (req, res, next) {
console.log("3");
if ('/login' == req.url && 'POST' == req.method) {
res.writeHead(200);
if (!users[req.body.user] || req.body.password != users[req.body.user].password) {
res.end('Bad username/password');
} else {
req.session.logged_in = true;
req.session.name = users[req.body.user].name;
res.end('Authenticated');
}
} else {
next();
}
},
//处理登出的中间件
function (req, res, next) {
console.log("4");
if ('/logout' == req.url) {
req.session.logged_in = false;
res.writeHead(200);
res.end('Logged out!');
} else {
next();
}
}
);
server.listen(3000);
users伪数据如下:
{
"fangchao":{
"password":123456,
"name":"fangchao's name"
}
}