models.js内容
const mongoose = require("mongoose")
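// Connect to MongoDB. The URI can be overridden with the MONGODB_URI
// environment variable so that hosts and credentials stay out of source
// control; the local development database remains the default.
const mongoUri = process.env.MONGODB_URI || 'mongodb://localhost:27017/express-test'
mongoose.connect(mongoUri, {
  useNewUrlParser: true,
  useUnifiedTopology: true,
  useCreateIndex: true,
}).catch((err) => {
  // A failed initial connection would otherwise surface only as an unhandled
  // promise rejection; report it and stop instead of running without a database.
  console.error('MongoDB connection failed:', err.message)
  process.exit(1)
})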
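// User account schema.
//  - username: required; `unique: true` asks MongoDB for a unique index
//    (it is an index, not a Mongoose validator).
//  - password: stored only as a bcrypt hash produced by the setter below.
//  - toJSON transform: removes the hash whenever a document is serialised,
//    so handlers that send a user document do not return it to clients.
const Userscheme = new mongoose.Schema({
  username: { type: String, unique: true, required: true },
  password: {
    type: String,
    required: true,
    set(val) {
      // Hash only non-empty strings. Anything else becomes undefined so the
      // `required` validator rejects it instead of bcrypt throwing or a
      // non-string value being stored.
      if (typeof val !== 'string' || val.length === 0) {
        return undefined
      }
      // Cost factor 10 (bcryptjs's default) replaces the original 4, which is
      // too cheap to slow down offline guessing of leaked hashes.
      // NOTE(review): hashSync blocks the event loop; consider the async
      // bcryptjs API if registration volume matters.
      return require('bcryptjs').hashSync(val, 10)
    },
  },
}, {
  toJSON: {
    transform(doc, ret) {
      delete ret.password
      return ret
    },
  },
})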
// Compile the schema into the User model.
const User = mongoose.model('User', Userscheme)
// Kept disabled on purpose: dropping the collection deletes every account.
//User.db.dropCollection('users')
// Public interface of this module.
module.exports = { User: User }
server.js
const { User } = require('./models.js')//引入外部接口
const express = require("express")
const jwt = require('jsonwebtoken')//引入JWT用于身份验证
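const app = express()
// JWT signing key. It is read from the environment instead of being a short
// literal in source: anyone who knows the key can mint tokens for any user id.
// Use a long random value and keep it out of version control.
const SECRET = process.env.JWT_SECRET
if (!SECRET) {
  // Fail at start-up rather than signing tokens with an empty or default key.
  throw new Error('JWT_SECRET environment variable must be set')
}
// Parse JSON request bodies into req.body.
app.use(express.json())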
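// GET /api/users: list all registered users.
// NOTE(review): this route is not behind the auth middleware, so anyone who
// can reach the server can list every account; protect it before exposing it.
app.get('/api/users', async function (req, res) {
  try {
    // Never pull password hashes out of the database for a listing.
    const users = await User.find().select('-password')
    res.send(users)
  } catch (err) {
    // Express 4 does not catch rejections from async handlers; answer here so
    // the request does not hang.
    console.error(err)
    res.status(500).send({ msg: '服务器错误' })
  }
})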
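// POST /api/register: create a user from { username, password }.
// Responds with the created user (without the password hash), 422 for
// malformed input, 409 when the username is already taken.
app.post('/api/register', async function (req, res) {
  const { username, password } = req.body || {}
  // Accept plain non-empty strings only. express.json() will happily parse
  // objects and arrays, which must not reach the model as field values.
  if (typeof username !== 'string' || typeof password !== 'string' || !username || !password) {
    return res.status(422).send({ msg: '用户名和密码必须为非空字符串' })
  }
  try {
    const user = await User.create({ username, password })
    // Strip the bcrypt hash before answering.
    const { password: _hash, ...publicUser } = user.toObject()
    res.send(publicUser)
  } catch (err) {
    // 11000 is MongoDB's duplicate-key error, raised by the unique username index.
    if (err && err.code === 11000) {
      return res.status(409).send({ msg: '用户名已存在' })
    }
    console.error(err)
    res.status(500).send({ msg: '服务器错误' })
  }
})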
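// POST /api/login: verify { username, password } and issue a JWT.
// Responds with { user, token } on success and 422 on any credential failure.
app.post('/api/login', async function (req, res) {
  const { username, password } = req.body || {}
  // Only plain strings may be used in the query. A JSON object here would be
  // interpreted by MongoDB as a query operator and match an arbitrary account.
  if (typeof username !== 'string' || typeof password !== 'string') {
    return res.status(422).send({ msg: '用户名或密码错误' })
  }
  try {
    const user = await User.findOne({ username })
    const passwordMatches = Boolean(user) &&
      typeof user.password === 'string' &&
      require('bcryptjs').compareSync(password, user.password)
    if (!passwordMatches) {
      // One message for "unknown user" and "wrong password" so the response
      // body does not reveal which usernames exist.
      // NOTE(review): response time still differs between the two cases
      // because bcrypt only runs for existing users.
      return res.status(422).send({ msg: '用户名或密码错误' })
    }
    // Sign the user id into a token. An expiry bounds how long a leaked
    // token stays usable; clients must log in again after it lapses.
    const token = jwt.sign({ id: String(user._id) }, SECRET, { expiresIn: '1h' })
    // Never return the stored hash to the client.
    const { password: _hash, ...publicUser } = user.toObject()
    res.send({
      user: publicUser,
      token,
    })
  } catch (err) {
    console.error(err)
    res.status(500).send({ msg: '服务器错误' })
  }
})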
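// Authentication middleware: reads the token from the Authorization header,
// verifies it, and attaches the matching user (without the password hash) to
// req.user. Responds 401 when the token is missing, invalid, expired, or
// refers to a user that no longer exists.
const auth = async (req, res, next) => {
  const header = req.headers.authorization
  // Same parsing as before (last space-separated segment), but a missing
  // header is rejected instead of being verified as the string "undefined".
  const raw = typeof header === 'string' ? header.split(' ').pop() : ''
  if (!raw) {
    return res.status(401).send({ msg: '未提供认证令牌' })
  }
  let payload
  try {
    // Pin the accepted algorithm to the one jwt.sign uses by default (HS256).
    payload = jwt.verify(raw, SECRET, { algorithms: ['HS256'] })
  } catch (err) {
    // jwt.verify throws on a bad signature, malformed token, or expiry.
    return res.status(401).send({ msg: '认证令牌无效或已过期' })
  }
  try {
    const user = await User.findById(payload.id).select('-password')
    if (!user) {
      // A valid token for a deleted account must not authenticate.
      return res.status(401).send({ msg: '认证令牌无效或已过期' })
    }
    req.user = user
    next()
  } catch (err) {
    // Hand database errors to Express's error handler instead of leaving an
    // unhandled rejection.
    next(err)
  }
}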
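// GET /api/profile: return the authenticated user's own record.
app.get('/api/profile', auth, async function (req, res) {
  // The middleware is expected to set req.user; refuse rather than send an
  // empty success response if it did not.
  if (!req.user) {
    return res.status(401).send({ msg: '认证令牌无效或已过期' })
  }
  // Drop the password hash if it is present on the loaded document.
  const { password: _hash, ...profile } = req.user.toObject()
  res.send(profile)
})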
// Start the HTTP server on port 3030 and log once it is listening.
const onListening = function () {
  console.log('ok!')
}
app.listen(3030, onListening)
本次借助 VS Code 的 REST Client 扩展来测试
test.http
@url=http://localhost:3030/api
@json=Content-Type: application/json
### List all users
get {{url}}/users
### Register
post {{url}}/register
{{json}}
{
"username": "zzk",
"password": "123"
}
### Log in
post {{url}}/login
{{json}}
{
"username": "zzk",
"password": "123"
}
### Profile of the authenticated user
# The bearer token below is a sample captured from the author's own run; its
# payload holds only an id and an issued-at time (no expiry). Replace it with
# the token returned by the login request above.
get {{url}}/profile
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjVmYTNmYTA3YTQzZWJiNDg3ODFkZmRiMiIsImlhdCI6MTYwNDU4MTg5Nn0.RJpgYSUHsfQSlqDv-eKtw8nWRi7tusHCCBeae1e8u3U