//cookie
app.use(express.cookieParser());
//session
app.use(express.session({
secret:config.session_secret,
store: new mongoStore({
url: config.mongodb,
collection : 'sessions'
})
}));
app.use(express.csrf());
app.use(function(req, res, next){
res.locals.req = req;
res.locals.session = req.session;
res.locals.csrf = req.session ? req.session._csrf : ''
next();
});
我的_csrf一直在变化着的呢?我看cnodejs网站和其他网站,都没变化,求解。。 req.session._csrf is deprecated, use req.csrfToken([callback]) instead
2 回复
