安装jsonwebtoken
yarn add jsonwebtoken
封装token的过期校验和生成方法
//JWT.js
const jsonwebtoken = require('jsonwebtoken');
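// Signing key for the HMAC signature. Anyone who knows this value can mint tokens that
// verify() accepts, so it should come from the environment or a secret store and never
// be committed. JWT_SECRET is a variable name chosen for this example; the literal
// fallback only keeps the tutorial runnable and must not be used in a deployment.
const secret = process.env.JWT_SECRET || "shushu";
if (!process.env.JWT_SECRET) {
  console.warn("JWT_SECRET is not set; falling back to the built-in demo secret.");
}

// The single algorithm used for signing, and the only one verify() accepts.
const ALGORITHM = "HS256";

const JWT = {
  /**
   * Create a signed token.
   *
   * @param {object} value - Claims to place in the payload. The payload is signed, not
   *   encrypted: do not put secrets in it.
   * @param {string|number} expries - Lifetime handed to jsonwebtoken as `expiresIn`
   *   (for example '1d').
   * @returns {string} The signed token.
   */
  generate(value, expries) {
    return jsonwebtoken.sign(value, secret, {
      algorithm: ALGORITHM,
      expiresIn: expries,
    });
  },

  /**
   * Check a token's signature and expiry.
   *
   * @param {string} token - The token taken from the request.
   * @returns {object|string|false} The decoded payload, or `false` when verification
   *   fails for any reason (expired, bad signature, malformed input).
   */
  verify(token) {
    try {
      // Pin the accepted algorithm to the one generate() signs with instead of relying
      // on the library default.
      return jsonwebtoken.verify(token, secret, { algorithms: [ALGORITHM] });
    } catch (error) {
      // Callers only need a yes/no answer, so every failure maps to false.
      return false;
    }
  },
};

module.exports = JWT;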
封装对于路由是否携带token校验
//authenticateToken.js
const JWT = require("./JWT");
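/**
 * Express middleware that requires a valid JWT on every route except the login route.
 *
 * The token is the second space-separated part of the Authorization request header
 * (for example "Bearer <token>"). When it verifies, a fresh 1-day token carrying the
 * same `_id` and `username` is returned in the Authorization response header and the
 * request continues. A missing or invalid token is answered with 401.
 *
 * @param {object} req - Express request.
 * @param {object} res - Express response.
 * @param {Function} next - Passes control to the next handler.
 */
function authenticateToken(req, res, next) {
  // Exempt only the login route itself. The path is compared exactly, with the query
  // string removed: a substring test on the whole URL would also exempt requests such
  // as "/delete?x=login".
  // NOTE(review): this assumes the middleware is mounted on the router, where the login
  // path is "/login" -- adjust the comparison if it is mounted at application level.
  const pathname = req.url.split('?')[0];
  if (pathname === '/login' || pathname === '/login/') {
    next();
    return;
  }

  // A request without an Authorization header, or with a header that has no token part,
  // must get an explicit 401. Otherwise split() throws on undefined, or the request is
  // left without any response.
  const header = req.headers['authorization'];
  const token = typeof header === 'string' ? header.split(' ')[1] : undefined;
  if (!token) {
    res.status(401).send({ errCode: '1', errorInfo: '缺少token' });
    return;
  }

  // JWT.verify returns the payload, or false for an expired or otherwise invalid token.
  const payload = JWT.verify(token);
  if (!payload) {
    res.status(401).send({ errCode: '1', errorInfo: 'token过期' });
    return;
  }

  // Sliding expiry: every accepted request gets a new token valid for one more day.
  // NOTE(review): a captured token can therefore be renewed indefinitely; consider an
  // absolute session lifetime or server-side revocation if that matters for this app.
  const newToken = JWT.generate(
    { _id: payload._id, username: payload.username },
    '1d'
  );
  res.header('Authorization', newToken);
  next();
}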
// Export the middleware function itself so a router can mount it with use() or list it on a single route.
module.exports = authenticateToken
在某个路由文件中整体使用
//shop.js
const express = require('express');
const ShopRouter = express.Router();
const ShopController = require('../controllers/admin/ShopController');
// multer parses multipart/form-data bodies (file uploads).
const multer = require('multer');
const authenticateToken = require('../utils/authenticateToken');

// Upload targets: one directory for the file sent with registration, one for shop pictures.
// NOTE(review): only `dest` is configured -- there is no `limits` and no `fileFilter`, so
// neither the size nor the type of an uploaded file is restricted here. Both directories
// sit under public/, which is presumably served statically -- confirm, and consider
// keeping uploads outside the web root.
const registerUpload = multer({ dest: 'public/shopuploads/' });
const shopPicsUpload = multer({ dest: 'public/shopPics/' });

ShopRouter
  // Token check first: it runs for every route registered below. As written in
  // authenticateToken.js, only the login URL is exempt, so /register and /getCode
  // also require a token.
  .use(authenticateToken)
  // Register a shop. The request carries a file, so the multer middleware has to run
  // before the controller; a plain POST body is not enough.
  .post('/register', registerUpload.single('file'), ShopController.register)
  // Fetch a verification code.
  .get('/getCode', ShopController.getCode)
  // Log in.
  .post('/login', ShopController.login)
  // Update shop details, including the uploaded shop pictures.
  .put('/update', shopPicsUpload.array('shopPics'), ShopController.update)
  // List shops.
  .get('/getList', ShopController.getList)
  // Fetch one shop by its id.
  .get('/getList/:id', ShopController.getList)
  // Delete a shop.
  .delete('/delete', ShopController.delete);

module.exports = ShopRouter;
在某个路由中使用
// Per-route form: authenticateToken is listed before upload.single('file'), so multer
// only runs (and only stores the file) after the token check has called next().
ShopRouter.post(
  '/register',
  authenticateToken,
  upload.single('file'),
  ShopController.register
);