安装npm install jsonwebtoken
官方文档
https://www.npmjs.com/package/jsonwebtoken
jwt中文解析
签发token
var jwt = require('jsonwebtoken');
// jwt.sign 的第一个参数是 从前端获取的参数/或数据 第二个参数是 密钥 在验证token时也会用到密钥
var token = jwt.sign({ foo: 'bar' }, 'shhhhh');
验证token
// jwt.verify 的第一个参数是 之前签发的token 第二个参数是密钥
var decoded = jwt.verify(token, 'shhhhh');
console.log(decoded)
完整代码
const express = require("express");
const jwt = require("jsonwebtoken");
const app = express()
//跨域处理
app.use('*',function(req,res,next){
res.setHeader("Access-Control-Allow-Origin", "*");
res.setHeader("Access-Control-Allow-Headers", "Content-Type");
// res.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
// res.setHeader("Access-Control-Max-Age", "3600");
// res.setHeader("Access-Control-Allow-Credentials", "true");
next();
});
// 处理post请求
app.use(express.json())
app.use(express.urlencoded({ extended: false }))
app.get('/', (req, res) => res.send('Hello World!'));
app.get('/login', (req, res) => {
console.log(req.query)
let name = req.query.name
let pass = req.query.pass
// 这个是密钥
let secret = 'MIYAO';
// 签发token 设置有效时间为 1800s
let token = jwt.sign({name, pass}, secret, { expiresIn: 60 * 30 })
res.send({
code: 1,
msg: '登录成功',
data: {
token,
name
}
})
})
app.post('/ver', async (req, res) => {
let token = req.body.token
// console.log(req.body.token)
let secret = 'MIYAO';
// 验证token
try {
// 验证通过
const payload = jwt.verify(token, secret)
console.log(payload)
res.send({code: 1, msg: 'success', payload})
} catch (error) {
// 验证不通过
res.status(401).send({
msg: 'invalid token'
})
}
})
app.listen(3000)