# login 验证 | url | 请求方式 | 响应内容 | | -------- | ---- | --------------- | | /login | GET | 响应登录页面 | | /login | POST | 对客户端提交数据进行验证 | | /profile | GET | 登录后界面,进入该页面需要验证 | ## 1.响应登录页面 * 判断是否已经登录,如果登录了直接跳转到个人主页 ```bash router.get("/login",function(req,rep,next){ isLogin(req,function(err,result){ if(err){ next(err) return } if(result==0){ //cookie修改之后resule为空也需要重新登录 rep.render("login.html") return } rep.redirect("/profile?"+req.cookies.account.name) }) }) ``` ## 2.用户提交数据验证 * 验证函数对用户提交的数据进行SQL查询 * 对查询结果进行判断 * 若验证成功则进行跳转页面至个人主页 ```bash router.post("/login",function(req,rep,next){ account=req.body.name password=md5(req.body.password) authenticateAccount(account,password,function(err,result){ if(err){ next(err) return 0; } if(result!=false){ rep.cookie("account",{name:result[0].name,password:result[0].password},{maxAge:86400000*7}) rep.redirect("/profile?"+result[0].name) } else{ rep.send("account or password error!") } }) }) ## 验证函数,回调函数在响应用户请求的时候写好的 function authenticateAccount(account,password,callback){ poolConnection.getConnection(function(err,connection){ if(err){ callback({errCode:"2", errMessage:"mysql connection error" }) return 0; } //verification sql='SELECT * FROM `user` WHERE `name`=? and `password`=?' connection.query(sql,[account,password],function(err,result,fields){ if(err){ callback( { errCode:"3", errMessage:"sql language with error"}) return 0; } connection.release(); callback(null,result) }) }) } ``` ## 3.个人主页访问权限 * 只有客户端cookies中存储的用户信息,能够被sql验证才能够访问该页面 * 否则跳转到登录页面,进行登录操作 ```bash router.get("/profile",function(req,rep,next){ isLogin(req,function(err,result){ if(err){ next(err) return } if(result==0){ //cookie修改之后resule为空也需要重新登录 rep.redirect("/login") return } rep.render("profile.html",{user:req.cookies.account.name}) }) }) ``` ## 4.登出操作 * 当访问`/logout`路由时,直接清空客户端cookies,跳转至主页 ```bash router.get("/logout",function(req,rep,next){ rep.clearCookie("account") rep.redirect("/") }) ``` --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://zpliu.gitbook.io/booknote/qian-duan-cao-zuo/shi-li-lian-xi/dong-tai-sou-suo-wang-ye/hou-duan/06-deng-lu-deng-chu-yan-zheng.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.