当我使用clearCookie函数时,我的快递服务器不会删除cookie。有人可以帮我理解为什么会这样吗?
用户控制器,设置cookie RefreshToken
const createaccessToken = userId => {
return sign({ userId },keys.jwtSecret,{
expiresIn: "15m"
});
};
const createRefreshToken = userId => {
return sign({ userId },keys.jwtRefreshSecret,{
expiresIn: "7d"
});
};
async login(req,res,next) {
const { email,password } = req.body;
try {
let user = await User.findOne({ email });
if (user && bcrypt.compareSync(password,user.hash)) {
// const accesstoken = jwt.sign({ _id: user._id },keys.jwtSecret);
// res.json(userWithouthash);
const accessToken = createaccessToken(user._id);
const refreshToken = createRefreshToken(user._id);
user.set("refreshToken",refreshToken);
let saved = await user.save();
const { hash,...userWithouthash } = saved.toObject();
res.cookie("refreshToken",refreshToken,{
httpOnly: true,path: "/api/users/refresh_token"
});
res.send({ accessToken,userWithouthash });
}
} catch (err) {
// res.json({ message: "username or password is incorrect" });
next(err);
}
}
用户控制器,试图删除Cookie
async logout(req,next) {
res.clearCookie("refreshToken",{
path: "/api/users/refresh_token"
});
res.send({ message: "Logged Out" });
},
此函数成功执行后,refreshToken仍然存在。