Open ythy opened 1 year ago
sameSite: 'none'
secure: true
app.post('/auth', (req: express$Request, res: express$Response) => { res.cookie('sessionId', session.id, { secure: true, sameSite: 'none' }); });
https
openssl req -new -x509 -days 7300 -nodes -sha256 -out flatris-public-key.crt -keyout flatris_private_key.pem
默认的配置在环境变量里设置路径OPENSSL_CONF=D:\works\ca\openssl.cnf 参考 #226
OPENSSL_CONF=D:\works\ca\openssl.cnf
import fs from 'fs'; import path from 'path'; import https from 'https'; import express from 'express'; import cookieParser from 'cookie-parser'; import session from 'express-session';
const rootDir = process.cwd(); const privateKey = fs.readFileSync( path.join(rootDir, 'https/flatris_private_key.pem'), 'utf8' ); const certificate = fs.readFileSync( path.join(rootDir, 'https/flatris-public-key.crt'), 'utf8' ); const credentials = { key: privateKey, cert: certificate };
const app = express(); app.use( cookieParser('f', { secure: true, sameSite: 'none', }) ); app.use( session({ secret: 'f', resave: false, saveUninitialized: true, cookie: { secure: true, sameSite: 'none' }, })
const httpsServer = https.createServer(credentials, app); server.listen(5000, undefined, undefined, err => { if (err) throw err; console.log(> Ready on https); });
> Ready on https
sameSite: 'none'
和secure: true
secure: true
的话,必须使用https
https
, 首先需要生成ssl证书,命令如下默认的配置在环境变量里设置路径
OPENSSL_CONF=D:\works\ca\openssl.cnf
参考 #226const rootDir = process.cwd(); const privateKey = fs.readFileSync( path.join(rootDir, 'https/flatris_private_key.pem'), 'utf8' ); const certificate = fs.readFileSync( path.join(rootDir, 'https/flatris-public-key.crt'), 'utf8' ); const credentials = { key: privateKey, cert: certificate };
const app = express(); app.use( cookieParser('f', { secure: true, sameSite: 'none', }) ); app.use( session({ secret: 'f', resave: false, saveUninitialized: true, cookie: { secure: true, sameSite: 'none' }, })
const httpsServer = https.createServer(credentials, app); server.listen(5000, undefined, undefined, err => { if (err) throw err; console.log(
> Ready on https
); });