I'm trying to implement 'duplicate-login prevention' routine in node.js what I intended is
1) create mysql-table UserSession(userid, sessionID)
2) for each valid login request, check sessionID for given userid
3-1) if it's NULL, proceed 4)
3-2) if it's not null(=session already exists), end that session
4) give new session
but I have some trouble in 3-2) these are my code(I'm using express4)
app.js
var routes = require('/routes/index');
var session = require('express-session');
var sessionStore = new session.MemoryStore();
var app = express();
//...
app.use(session({
secret: "secret key",
resave: false,
saveUninitialized: true,
store: sessionStore,
cookie: { maxAge: 10000*60*60 }
}));
//...
app.use('/', routes);
index.js
var router = require('express').router;
var accountUnit = require('./accountUnit');
//...
router.use('/account', accountUnit);
//...
module.exports = router;
accountUnit.js
var router = require('express').router;
//...
// login/logout function
//...
module.exports = router;
As I think, I have to access to sessionStore(in app.js) in accountUnit.js to implement 3-2). But it seems unrealistic because requiring is one-directional. It seems I can only access to req.session rather than the whole session list(sessionStore)..
Q1. Is there any ways to use sessionStore(in app.js ) in accountUnit.js ?
Q2. Is my idea about preventing duplicate login is right?
Aucun commentaire:
Enregistrer un commentaire