Sveltekit Hook防止端点请求
尝试Sveltekit,我在钩子上很难。文档似乎并没有很好地解释这一切。我目前对挂钩的理解是,它们基本上允许您在到达目的地之前与对服务器的请求进行交互? (我对更好的解释开放 - 特别是handle挂钩)。 我当前的问题是我制作了一个名为登录的端点。顾名思义,它允许用户通过生成令牌并将其作为cookie将其存储在其客户端中。这起作用,直到我添加钩子为止。阅读挂钩说明后,我发现handle钩子非常适合我想做的事情 - 验证每个请求上的令牌要求继续不间断。
export const handle: Handle = async ({ event, resolve }) => {
const isLogin = event.url.pathname.startsWith('/login')
const cookies = cookie.parse(event.request.headers.get('cookie') || '');
const token = cookies['token']
if (!token) {
if (!isLogin) {
return Response.redirect(`${event.url.origin}/login`)
}
return await resolve(event)
} else {
try {
await verifyToken(token)
if (isLogin) {
return Response.redirect(`${event.url.origin}/about`)
}
} catch (err) {
return Response.redirect(`${event.url.origin}/login`)
}
}
return await resolve(event)
};
这无法正常工作。当我将请求启动到api/login端点时,该请求似乎并没有使其在那里。我在整个端点上都有console.log s,但没有输出任何消息到终端&当我检查应用程序存储时,没有添加新的cookie。
我想念钩子什么? 为什么不将请求传递到端点?
知道我如何解决这个问题?
Trying out SvelteKit and I'm having a hard time with hooks. The docs don't really seem to explain it all too well. My current understanding of hooks is that they basically allow you to interact with requests made to your server before they get to their destination? (I'm open to a better explanation - specifically the handle hook).
My current issue is I made an endpoint called login. As the name suggests, it allows users to sign into my application by generating a token and storing it as a cookie on their client. This works until I add hooks. After reading the hooks description, I figured the handle hook is perfect for what I want to do - validate the token on each request - if invalid, reroute the user to the login screen, if valid, allow the request to continue uninterrupted.
export const handle: Handle = async ({ event, resolve }) => {
const isLogin = event.url.pathname.startsWith('/login')
const cookies = cookie.parse(event.request.headers.get('cookie') || '');
const token = cookies['token']
if (!token) {
if (!isLogin) {
return Response.redirect(`${event.url.origin}/login`)
}
return await resolve(event)
} else {
try {
await verifyToken(token)
if (isLogin) {
return Response.redirect(`${event.url.origin}/about`)
}
} catch (err) {
return Response.redirect(`${event.url.origin}/login`)
}
}
return await resolve(event)
};
This does not work as expected. When I initiate the request to the api/login endpoint, the request does not seem to make it there. I have console.logs all over the endpoint but no messages were outputted to the terminal & when I check the application storage, no new cookie was added.
What am I missing about hooks?
Why is it not passing the request off to the endpoint?
Any idea how I can fix this?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
handle挂钩运行每个请求 - 包括端点。当您在没有令牌的情况下获取
/api/login时,您的钩子会将请求重定向到/login,因为isLogin ==== false。您需要通过允许在没有登录的情况下可以访问的每个路由,例如:The
handlehook runs for every request—including endpoints.When you fetch
/api/loginwithout a token, your hook will redirect the request to/loginsinceisLogin === false. You need to allow through every route that should be accessible without a login, for example: