使用的插件:jsonwebtoken
登录添加jwt令牌
const adminService = require('../../services/adminService');
const express = require('express');
// Router that this module builds and exports.
const router = express.Router();
// Higher-order wrapper for route handlers. Presumably it lets an async handler's
// resolved value or rejection be turned into the HTTP response; confirm in ../getSendResult.
const { asyncHandler } = require('../getSendResult');
// Project-local JWT helper; the login route below uses its publish() function.
const jwt = require('../jwt')
/**
 * POST /login
 *
 * Passes the submitted loginId / loginPwd to adminService.login. When the
 * service resolves to a truthy record, a JWT carrying only that record's id is
 * issued through jwt.publish. The service result (truthy or falsy) is returned
 * to asyncHandler unchanged.
 *
 * NOTE(review): loginId and loginPwd are forwarded exactly as parsed from the
 * request body. If the body parser accepts JSON they may be objects or arrays
 * rather than strings; confirm that adminService.login validates their types.
 * NOTE(review): whatever adminService.login resolves to is handed back to
 * asyncHandler. If that wrapper sends it to the client, make sure the record
 * carries no password field.
 */
router.post(
  '/login',
  asyncHandler(async (req, res, next) => {
    const { loginId, loginPwd } = req.body;
    const admin = await adminService.login(loginId, loginPwd);
    if (!admin) {
      // Failed login: no token is issued.
      return admin;
    }
    // 3600 is the lifetime argument given to the helper, presumably seconds
    // (one hour); confirm against ../jwt. Only the id goes into the payload.
    jwt.publish(res, 3600, { id: admin.id });
    return admin;
  }),
);

module.exports = router;
验证jwt令牌
const jwt = require('./jwt')
/**
 * Method/path pairs that may only be reached with a valid token.
 *
 * The middleware exported from this file calls next() without any check for a
 * request that matches none of these entries, so a route is unauthenticated
 * until it is listed here.
 *
 * NOTE(review): the list has no DELETE entry and no GET /api/student/:id
 * entry. Confirm whether such routes exist and are meant to be public.
 */
const needTokenApi = [
  ['POST', '/api/student'],
  ['PUT', '/api/student/:id'],
  ['GET', '/api/student'],
  ['GET', '/api/admin/whoami'],
].map(([method, path]) => ({ method, path }));
const { getErr } = require('./getSendResult');
// 将路径转化为正则进行匹配
const { pathToRegexp, match, parse, compile } = require('path-to-regexp');
// const cryptoToken = require('../util/cryptoToken');
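/**
 * Express middleware that enforces the JWT check on the routes listed in
 * needTokenApi.
 *
 * A request that matches no entry is passed straight to next(). A matching
 * request is handed to jwt.verify(req): a falsy result ends the request through
 * handleNonToken, otherwise the id from the verified result is stored on
 * req.userId and the request continues.
 *
 * Earlier variants of this check (a token read from the cookie or the
 * Authorization header, and a session lookup) were replaced by the JWT helper.
 *
 * @param {*} req - request; `method` and `path` are read, `userId` is set on success
 * @param {*} res - response, only used when the token check fails
 * @param {*} next - continuation callback
 */
module.exports = (req, res, next) => {
  // Express dispatches a HEAD request to the GET handler when no explicit HEAD
  // route is registered. Comparing the raw method against the list would let
  // HEAD reach a protected GET handler without a token, so HEAD is checked
  // against the GET entries.
  const method = req.method === 'HEAD' ? 'GET' : req.method;

  const isProtected = needTokenApi.some(
    (api) => api.method === method && pathToRegexp(api.path).test(req.path),
  );
  if (!isProtected) {
    // Not in the protected list: no authentication is required here.
    next();
    return;
  }

  // Verify the JWT carried by the request.
  const result = jwt.verify(req);
  if (!result) {
    handleNonToken(req, res, next);
    return;
  }

  // Expose the authenticated account id to downstream handlers.
  req.userId = result.id;
  next();
};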
/**
 * Rejects a request that did not pass the token check: answers with HTTP 403
 * and the error payload built by getErr.
 *
 * @param {*} req - request (not used)
 * @param {*} res - response on which the 403 is sent
 * @param {*} next - continuation callback (not called; the request ends here)
 */
function handleNonToken(req, res, next) {
  const rejected = res.status(403);
  rejected.send(getErr('you dont have any token to access the api', 403));
}