1 checkTokenMiddleware.js验证token中间件
const jwt = require('jsonwebtoken');
const {secret} = require('../config/config');
module.exports = (req, res, next) => {
let token = req.get('token');
if (!token) {
return res.json({
code: '2003',
msg: 'token 缺失',
data: null
})
}
jwt.verify(token, secret, (err, data) => {
if (err) {
return res.json({
code: '2004',
msg: 'token 校验失败~~',
data: null
})
}
req.user = data;
next();
});
}
2 auth.js登录时创建当前用户的token
const jwt = require('jsonwebtoken');
const {secret} = require('../../config/config')
let token = jwt.sign({
username: data.username,
_id: data._id
}, secret, {
expiresIn: 60 * 60 * 24 * 7
});
res.json({
code: '0000',
msg: '登录成功',
data: token
})