Token 值每次断开则更新

route/token.js

@@ -11,6 +11,7 @@ router.get('/', function (req, res) {
     //ajax 会受到浏览器跨域限制，姑不能对其进行csrf攻击获取token，尽管它可伪造。
     if (req.xhr) {
         if (!req.session['token']) {
+            MCSERVER.log('[ Token ]', '用户 ', req.session['username'], ' 请求更新令牌');
             //强化 token
             req.session['token'] = permssion.randomString(6) + UUID.v4().replace(/-/igm, "");
         }

route/user.js

@@ -14,9 +14,8 @@ const userManager = userCenter();
 
 router.post('/loginout', function (req, res) {
     permssion.needLogin(req, res, () => {
-        MCSERVER.log('用户:' + req.session['username'] + '退出');
+        MCSERVER.log('[loginout] 用户:' + req.session['username'] + '退出');
         req.session.destroy();
-        //向前端发送退出
         response.returnMsg(res, 'user/logout', 'loginOut');
     }, () => {
         response.returnMsg(res, 'MASTER!', 'Please Login!!! | 请登陆好么?');

route/websocket.js

@@ -111,7 +111,7 @@ router.ws('/ws', function (ws, req) {
             });
             //response.wsSend(ws, 'ws/res', true);
         } catch (err) {
-            MCSERVER.error('WebSocket 请求处理时报错，且下层尚未捕捉', err);
+            MCSERVER.error('WebSocket 处理此请求出现异常:', err);
         }
     });
 
@@ -121,8 +121,9 @@ router.ws('/ws', function (ws, req) {
 
         //释放一些数据
         delete varCenter.get('user_token')[token];
-        varCenter.get('user_token')[token] = undefined;
+        // varCenter.get('user_token')[token] = undefined;
-        delete token;
+        req.session['token'] = undefined;
+        req.session.save();
         delete WsSession;
 
         //释放全局变量