حل شده توسط
کیوان علی محمدی
با سلام و عرض وقت بخیر و خسته نباشید خدمت استاد
1) سوالم این است که با توجه به متن زیر
secure = trueاستفاده کنه؟Httpsزمانی میتونه باشه که سایتمون از پروتکل
cookie.secure
Specifies the boolean value for the Secure Set-Cookie attribute. When truthy, the Secure attribute is set, otherwise it is not. By default, the Secure attribute is not set.
Note be careful when setting this to true, as compliant clients will not send the cookie back to the server in the future if the browser does not have an HTTPS connection.
Please note that secure: true is a recommended option. However, it requires an https-enabled website, i.e., HTTPS is necessary for secure cookies. If secure is set, and you access your site over HTTP, the cookie will not be set. If you have your node.js behind a proxy and are using secure: true, you need to set "trust proxy" in express:
var app = express()
app.set('trust proxy', 1) // trust first proxy
app.use(session({
secret: 'keyboard cat',
resave: false,
saveUninitialized: true,
cookie: { secure: true }
}))
For using secure cookies in production, but allowing for testing in development, the following is an example of enabling this setup based on NODE_ENV in express:
var app = express()
var sess = {
secret: 'keyboard cat',
cookie: {}
}
if (app.get('env') === 'production') {
app.set('trust proxy', 1) // trust first proxy
sess.cookie.secure = true // serve secure cookies
}
app.use(session(sess))
The cookie.secure option can also be set to the special value 'auto' to have this setting automatically match the determined security of the connection. Be careful when using this setting if the site is available both as HTTP and HTTPS, as once the cookie is set on HTTPS, it will no longer be visible over HTTP. This is useful when the Express "trust proxy" setting is properly setup to simplify development vs production configuration.
بود؟Http و اگر پروتکل
و انتقادی هم دارم از روش تدریس که چرا داکیونت هر متدی رو توضیح نمیدید شاید کسی زبانش خوب نباشه واقعا خیلی مهمه که بفهمیم که هر متدی چه کاری انجام میده
و انتقاد بعدی هم اینه که چرا پروژه محور جلو نمیرید این مبحث رو