后端 routes.js
const assert = require('http-assert')
router.get('/', async (req, res, next) => {
const token = String(req.headers.authorization || '').split(' ').pop()
assert(token, 401, '请先登录')
const { id } = jwt.verify(token, app.get('secret'))
assert(id, 401, '请先登录')
req.user = await AdminUser.findById(id)
assert(req.user, 401, '请先登录')
await next()
}, async (req, res) => {})
app.post('/admin/api/login', async (req, res) => {
const { username, password } = req.body
const user = await AdminUser.findOne({ username }).select('+password')
assert(user, 422, '用户不存在')
const isValid = require('bcryptjs').compareSync(password, user.password)
assert(isValid, 422, '密码错误')
const token = jwt.sign({ id: user._id }, app.get('secret'))
res.send({ token })
})
app.use(async (err, req, res, next) => {
res.status(err.statusCode || 500).send({
message: err.message
})
})
前端 http.js
http.interceptors.response.use(
res => {
return res
},
err => {
if (err.response.data.message) {
Vue.prototype.$message({
type: 'error',
message: err.response.data.message
})
if (err.response.status === 401) {
router.push('/login')
}
}
return Promise.reject(err)
}
)