node.js - Express - Session mismatch, user ends up on other user -


I have a major problem: a user sometimes ends up in another user's session.

I have the following setup in app.js.

    // Express application setup with sessions stored in Redis.
    // NOTE(review): the snippet as posted stops before the `session({...})`
    // call is closed, so any options after `store` are not visible here.
    // NOTE(review): identifiers appear lowercased by the page extraction
    // (e.g. `createclient`); compare with the real module APIs before reuse.
    var session = require('express-session');
    var redisstore = require('connect-redis')(session);
    var redis = require('redis');
    var app = express();
    env.express(app);
    // With 'trust proxy' enabled, Express takes the client address and protocol
    // from the X-Forwarded-* request headers. Enabled without a hop count or
    // address list, every sender of those headers is trusted.
    // NOTE(review): restrict this to the reverse proxy's address if the node
    // process can be reached by anything other than that proxy. Confirm.
    app.enable('trust proxy');
    app.set('views', __dirname + '/views');
    app.use(bodyparser.json());
    app.use(bodyparser.urlencoded({extended: true}));
    app.use(methodoverride());
    app.use(cookieparser());
    // Session middleware: the signing secret and the cookie name come from
    // config. No `cookie` options (secure / httpOnly / sameSite) appear in the
    // part of the call that is shown.
    app.use(session({
        secret : config.envconfig.session.secret,
        name : config.envconfig.session.name,
        store: new redisstore({
            host: config.envconfig.redis.host,
            port: config.envconfig.redis.port,
            // A client created with no arguments is passed together with
            // host/port. NOTE(review): presumably the store uses this client
            // and the configured host/port are then ignored; verify which
            // Redis instance actually holds the sessions.
            client: redis.createclient(),
            ttl: config.envconfig.redis.sessiontimout })

The Node application sits behind an nginx reverse proxy. Any ideas, please? (Maybe it has to do with app.enable('trust proxy').)

Here is where the layout and the user data are loaded.

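/**
 * Loads the pages for `req.params.pageid` on behalf of the session user and
 * sends them as `{ pages: ... }`.
 *
 * The response is built from `req.session.user`, so it is specific to one
 * user. It is sent with `Cache-Control: no-store` so that a proxy or cache in
 * front of the app is told not to keep it and hand it to another client. A
 * cache configured to ignore origin headers still has to be fixed at the
 * cache itself.
 *
 * @param {object} req - Express request; reads `params.pageid`,
 *   `session.server` and `session.user`.
 * @param {object} res - Express response.
 */
exports.loadpage = function(req, res){
    var pageid = req.params.pageid;
    var serverid = req.session.server;
    var user = req.session.user;
    var body = {
        "pages": ""
    };

    res.set('Cache-Control', 'no-store');

    // The login handler only sets session.user when exactly one result
    // matched, so a request can arrive here without one. Answer explicitly
    // instead of throwing on `user.token`.
    if (!user) {
        res.send(401, "not logged in");
        return;
    }

    projectsservice.getasdf(serverid, user.token)
        .then(function(aa) {
            return pagesservice.loadpage(pageid, aa);
        })
        .then(function(pages){
            body.pages = pages;
            // The subscription lookup is best-effort: the body is sent with
            // status 200 whether it succeeds or fails, and its result is unused.
            return subscriptionservice.getssss({server:serverid, system:user.guid, id:user.userid,
                type: "user"})
                .then(function (sub) {
                    res.send(200, body);
                })
                .catch(function () {
                    res.send(200, body);
                });
        })
        .catch(function(err) {
            log.error(err);
            res.send(500, "could not load page");
        });
};

/**
 * Collects the user data for the session user, refreshes the stored groups
 * for that user's server, and sends the combined result.
 *
 * As in `loadpage`, the response is per-user and is marked
 * `Cache-Control: no-store`.
 *
 * @param {object} req - Express request; reads `session.user` and
 *   `session.server`.
 * @param {object} res - Express response.
 */
exports.loaduserdata = function(req, res){
    var user = req.session.user,
        serverid = req.session.server;

    res.set('Cache-Control', 'no-store');

    if (!user) {
        res.send(401, "not logged in");
        return;
    }

    var guid = user.guid;

    userdata.getuserdata(user.userid, guid)
        .then(function(result){
            var serverdata;
            var groupsdata;
            // Return the inner chain directly; wrapping it in a separate
            // deferred only re-implemented what promise chaining already does.
            return serverservice.getsettings(serverid)
                .then(function(server){
                    serverdata = server;
                    return someservice.getgroups(server.apiurl, user.token);
                })
                .then(function(groups){
                    // Spelled `JSON` here: the page's lowercase `json` is not
                    // a defined global.
                    groupsdata = JSON.parse(groups);
                    return someservice.getallusers(serverdata.apiurl, user.token);
                })
                .then(function(allagents){
                    var allagentsgroup = { "id": -1, "users": JSON.parse(allagents) };
                    groupsdata.unshift(allagentsgroup);
                    // NOTE(review): `systemguid` is not defined in this
                    // function. If it is a module-level variable it is shared
                    // by every request; presumably the per-request `guid` was
                    // intended. Confirm.
                    return groupsservice.savegroups(groupsdata, systemguid);
                })
                .then(function(){
                    result.asdf = serverdata.asdf;
                    return result;
                });
        })
        .then(function(result){
            result.servertime = new Date();
            // NOTE(review): `objectid` and `err.statuscode` below are kept as
            // printed on the page; the casing was probably lost in extraction.
            result.instanceid = new objectid();
            res.send(200, result);
        })
        .catch(function(err){
            res.send(err.statuscode || 500, "could not initialize user data.");
        });
};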

// The login method sets the session:

    // Login handler: authenticates the submitted credentials and, when exactly
    // one result matches, stores user, server and version in the session.
    // NOTE(review): the snippet as posted ends before `loginerror` and before
    // the closing of `exports.login`.
    exports.login = function (req, res) {
        // `req.body.user` comes straight from the request body; if it is
        // missing, the property access on the next line throws.
        var credentials = req.body.user;
        // The super-user flag is derived from the submitted username's suffix
        // (the literal is masked as "****" on the page), so the client decides
        // it. NOTE(review): whether `authservice` verifies this independently
        // is not visible here.
        credentials.issuperuser = credentials.username.endswith("****");

        authservice.authenticate(credentials)
            .then(loginsuccess)
            .catch(loginerror)
            .done();

        // Success path of `authenticate`.
        function loginsuccess(authenticatedresults){
            // A super user who supplied server and version narrows several
            // matches down to the requested one.
            if (credentials.issuperuser && authenticatedresults.length > 1 && credentials.server && credentials.version){
                authenticatedresults = authenticatedresults.filter(function (item) {
                    return item.server === credentials.server && item.version === credentials.version;
                });
            }

            // The session is populated only for a single unambiguous match.
            // The values are written onto the existing session object, and
            // nothing in the part shown calls `req.session.regenerate`, so the
            // session id from before login stays in use.
            // NOTE(review): regenerate the session on login so that a
            // pre-login id cannot carry over into an authenticated session.
            if(authenticatedresults.length === 1){
                req.session.user = authenticatedresults[0].user;
                req.session.server = authenticatedresults[0].server;
                req.session.version = authenticatedresults[0].version;
                logger.userloggedin(req.session.user);

            }

            // Status 200 and the full result list are sent in every case,
            // including zero or several matches where no session was set.
            // NOTE(review): other handlers on this page read
            // `req.session.user.token`, so these `user` objects may carry
            // that token to the client. Confirm what is exposed.
            res.send(200, authenticatedresults);
        }

// The nginx config looks like this:

        # Reverse proxy in front of the node application. No proxy_cache
        # directive appears in this block, so nginx is not caching responses as
        # shown.
        server {
            # Plain HTTP listener. NOTE(review): whether TLS is terminated by a
            # hop in front of nginx is not visible in this block.
            listen 80;
            server_name domain.com;
            # Pass WebSocket upgrade requests through to the backend.
            proxy_set_header upgrade $http_upgrade;
            proxy_set_header connection "upgrade";
            # $proxy_add_x_forwarded_for appends the connecting address to
            # whatever X-Forwarded-For value the request already carried, so
            # the left-most entries are supplied by the sender.
            # NOTE(review): with Express 'trust proxy' enabled for all hops,
            # the app may take its client address from that sender-supplied
            # part. Confirm the trusted hop list.
            proxy_set_header x-forwarded-for $proxy_add_x_forwarded_for;
            # A 500 answer from one upstream makes nginx try the next one.
            proxy_next_upstream error timeout invalid_header http_500;
            proxy_connect_timeout   2;
            proxy_set_header host $host;
            proxy_http_version 1.1;

            # /user/...: empties the `version` cookie and redirects to the
            # site root.
            location /user/ {
                add_header set-cookie "version='';path=/";
                rewrite ^/user(.*)$ http://$server_name:80? redirect;
            }
            # Everything else goes to the backend named by $sticky_backend,
            # which is defined outside this block (not shown).
            location / {
                proxy_pass http://$sticky_backend;
            }
            # /v1/... or /v2/...: stores the prefix in the `version` cookie and
            # redirects to the same path without it.
            # NOTE(review): both redirects carry a Set-Cookie header; a cache
            # in front of nginx that stores them would replay that cookie to
            # other clients.
            location ~ ^/(?<cver>v[12])/ {
                add_header set-cookie "version=$cver;path=/";
                rewrite ^/v[12]/(.*)$ /$1 redirect;
            }
        }

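Edit: the problem was in IIS, which sits in front of nginx. It was solved by disabling the cache and the kernel cache on IIS. A shared cache that stores a response carrying a Set-Cookie header or per-user data can replay it to a different client, which matches the symptom described above.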

