使用的插件:jsonwebtoken
登录添加jwt令牌
const adminService = require('../../services/adminService');const express = require('express');// 路由const router = express.Router();//高阶函数 解决无法使用promiseconst { asyncHandler } = require('../getSendResult');// jwt 认证const jwt = require('../jwt')router.post('/login', asyncHandler( async(req,res,next) => {const result = await adminService.login(req.body.loginId, req.body.loginPwd);if (result) {// jwtjwt.publish(res, 3600, {id: result.id,})}return result;}))module.exports = router;
验证jwt令牌
const jwt = require('./jwt')/*** 那些接口需要有cookie才能访问*/const needTokenApi = [{ method: 'POST', path: '/api/student' },{ method: 'PUT', path: '/api/student/:id' },{ method: 'GET', path: '/api/student' },{ method: 'GET', path: '/api/admin/whoami' },];const { getErr } = require('./getSendResult');// 将路径转化为正则进行匹配const { pathToRegexp, match, parse, compile } = require('path-to-regexp');// const cryptoToken = require('../util/cryptoToken');module.exports = (req, res, next) => {const apis = needTokenApi.filter((ele) => {const reg = pathToRegexp(ele.path);return ele.method == req.method && reg.test(req.path);});if (apis.length === 0) {next();return;}/*** 是否有token 通过cookie进行验证*/// let token = req.cookies.token;// if (!token) {// token = req.headers.authorization;// }// if (!token) {// console.log('没有token');// handleNonToken(req, res, next);// return;// }// 通过session进行验证// if(req.session.loginUser) {// next();// return;// } else {// handleNonToken(req, res, next)// }// 通过jwt验证const result = jwt.verify(req)if (!result) {handleNonToken(req, res, next);return;}req.userId = result.id;next();};/*** 没有token* @param {*} req* @param {*} res* @param {*} next*/function handleNonToken(req, res, next) {res.status(403).send(getErr('you dont have any token to access the api', 403));}
若有收获,就点个赞吧
0 人点赞
