質問編集履歴
3
名前の追加
test
CHANGED
File without changes
|
test
CHANGED
@@ -14,6 +14,8 @@
|
|
14
14
|
|
15
15
|
|
16
16
|
|
17
|
+
app.js
|
18
|
+
|
17
19
|
``` javascript
|
18
20
|
|
19
21
|
require('./db/mongo');
|
@@ -172,7 +174,7 @@
|
|
172
174
|
|
173
175
|
```
|
174
176
|
|
175
|
-
|
177
|
+
index.js
|
176
178
|
|
177
179
|
``` javascript
|
178
180
|
|
@@ -190,7 +192,7 @@
|
|
190
192
|
|
191
193
|
```
|
192
194
|
|
193
|
-
|
195
|
+
index.ejs
|
194
196
|
|
195
197
|
```javascript
|
196
198
|
|
2
コードの追加
test
CHANGED
File without changes
|
test
CHANGED
@@ -1,5 +1,9 @@
|
|
1
1
|
JavaScriptとExpressでcsrfがうまく動作しないです。
|
2
2
|
|
3
|
+
うまくいけばejsで書いた部分が表示されるはずなのですが'req.csrfToken() is not a function'と言う表示が出てしまいます。
|
4
|
+
|
5
|
+
|
6
|
+
|
3
7
|
> npm i mongoose csurf express-session method-override connect-flash --s
|
4
8
|
|
5
9
|
で必要なものはインストールしました。
|
@@ -12,10 +16,160 @@
|
|
12
16
|
|
13
17
|
``` javascript
|
14
18
|
|
19
|
+
require('./db/mongo');
|
20
|
+
|
21
|
+
|
22
|
+
|
23
|
+
const createError = require('http-errors');
|
24
|
+
|
25
|
+
const express = require('express');
|
26
|
+
|
27
|
+
const path = require('path');
|
28
|
+
|
29
|
+
const cookieParser = require('cookie-parser');
|
30
|
+
|
31
|
+
const logger = require('morgan');
|
32
|
+
|
33
|
+
|
34
|
+
|
35
|
+
const session = require("express-session");
|
36
|
+
|
15
37
|
const csurf = require("csurf");
|
16
38
|
|
39
|
+
const mongoose = require("mongoose");
|
40
|
+
|
41
|
+
const flash = require("connect-flash");
|
42
|
+
|
43
|
+
const methodOverride = require("method-override");
|
44
|
+
|
45
|
+
const bodyParser = require('body-parser');
|
46
|
+
|
47
|
+
|
48
|
+
|
49
|
+
const indexRouter = require('./routes/index');
|
50
|
+
|
51
|
+
const usersRouter = require('./routes/users');
|
52
|
+
|
53
|
+
|
54
|
+
|
55
|
+
const app = express();
|
56
|
+
|
57
|
+
|
58
|
+
|
59
|
+
mongoose.connect('mongodb://localhost/practice');
|
60
|
+
|
61
|
+
|
62
|
+
|
63
|
+
// view engine setup
|
64
|
+
|
65
|
+
app.set('views', path.join(__dirname, 'views'));
|
66
|
+
|
67
|
+
app.set('view engine', 'ejs');
|
68
|
+
|
69
|
+
|
70
|
+
|
71
|
+
app.use(logger('dev'));
|
72
|
+
|
73
|
+
app.use(express.json());
|
74
|
+
|
75
|
+
app.use(bodyParser.json());
|
76
|
+
|
77
|
+
app.use(express.urlencoded({ extended: false }));
|
78
|
+
|
79
|
+
app.use(bodyParser.urlencoded({ extended: false }));
|
80
|
+
|
81
|
+
app.use(cookieParser());
|
82
|
+
|
83
|
+
app.use(express.static(path.join(__dirname, 'public')));
|
84
|
+
|
85
|
+
|
86
|
+
|
87
|
+
app.use('/', indexRouter);
|
88
|
+
|
89
|
+
app.use('/users', usersRouter);
|
90
|
+
|
91
|
+
|
92
|
+
|
93
|
+
// catch 404 and forward to error handler
|
94
|
+
|
95
|
+
app.use(function(req, res, next) {
|
96
|
+
|
97
|
+
next(createError(404));
|
98
|
+
|
99
|
+
});
|
100
|
+
|
101
|
+
|
102
|
+
|
103
|
+
// error handler
|
104
|
+
|
105
|
+
app.use(function(err, req, res, next) {
|
106
|
+
|
107
|
+
// set locals, only providing error in development
|
108
|
+
|
109
|
+
res.locals.message = err.message;
|
110
|
+
|
111
|
+
res.locals.error = req.app.get('env') === 'development' ? err : {};
|
112
|
+
|
113
|
+
|
114
|
+
|
115
|
+
// render the error page
|
116
|
+
|
117
|
+
res.status(err.status || 500);
|
118
|
+
|
119
|
+
res.render('error');
|
120
|
+
|
121
|
+
});
|
122
|
+
|
123
|
+
|
124
|
+
|
125
|
+
|
126
|
+
|
127
|
+
app.use(methodOverride(function(req, res){
|
128
|
+
|
129
|
+
if( req.body && typeof req.body === "object" && "_method" in req.body ){
|
130
|
+
|
131
|
+
const method = req.body._method;
|
132
|
+
|
133
|
+
delete req.body._method;
|
134
|
+
|
135
|
+
return method;
|
136
|
+
|
137
|
+
}
|
138
|
+
|
139
|
+
}));
|
140
|
+
|
141
|
+
|
142
|
+
|
143
|
+
app.use(session({
|
144
|
+
|
145
|
+
secret: 'a',
|
146
|
+
|
147
|
+
resave: false,
|
148
|
+
|
149
|
+
saveUninitialized: false,
|
150
|
+
|
151
|
+
cookie: {
|
152
|
+
|
153
|
+
httpOnly: true,
|
154
|
+
|
155
|
+
secure: true,
|
156
|
+
|
157
|
+
maxage: 1000 * 60 * 30 // 30 minutes
|
158
|
+
|
159
|
+
}
|
160
|
+
|
161
|
+
}));
|
162
|
+
|
17
163
|
app.use(csurf());
|
18
164
|
|
165
|
+
app.use(flash());
|
166
|
+
|
167
|
+
|
168
|
+
|
169
|
+
module.exports = app;
|
170
|
+
|
171
|
+
|
172
|
+
|
19
173
|
```
|
20
174
|
|
21
175
|
|
1
追加しました
test
CHANGED
File without changes
|
test
CHANGED
@@ -1,4 +1,12 @@
|
|
1
1
|
JavaScriptとExpressでcsrfがうまく動作しないです。
|
2
|
+
|
3
|
+
> npm i mongoose csurf express-session method-override connect-flash --s
|
4
|
+
|
5
|
+
で必要なものはインストールしました。
|
6
|
+
|
7
|
+
|
8
|
+
|
9
|
+
[参考にしたサイト](http://webdesign-dackel.com/2015/09/29/vagrant-node-express4-mongodb/)
|
2
10
|
|
3
11
|
|
4
12
|
|
@@ -59,3 +67,5 @@
|
|
59
67
|
|
60
68
|
|
61
69
|
どのようにすれば動くようになるでしょうか?
|
70
|
+
|
71
|
+
できればコードの大きな改変をせずに動作させるようにしたいです。
|