前言
token 验证,在设计登录注册和一些权限接口时发挥作用。以nodejs为例,谈一谈jsonwebtoken
的使用。
正文
一. 安装
$ token function">npm i jsonwebtoken
二. 使用
- 首先,需要提供一个密匙,也就是一个字符串,用于token的生成和验证。这个密匙一般会声明为全局变量,也就是在启动文件
app.js
中,方便在各个路由板块中共同使用。
token comment">//将变量挂载到app上,app.get是取变量
apptoken punctuation">.token keyword">settoken punctuation">(token string">'secret'token punctuation">, token string">'zedhello99'token punctuation">)
- 在路由文件中,引入
jsonwebtoken
模块以及密匙
token keyword">const jwToken token operator">= token function">requiretoken punctuation">(token string">'jsonwebtoken'token punctuation">)
token keyword">const secret token operator">= apptoken punctuation">.token keyword">gettoken punctuation">(token string">'secret'token punctuation">)
token token operator">= jwTokentoken punctuation">.token function">signtoken punctuation">(token punctuation">{_idtoken punctuation">: usertoken punctuation">._idtoken punctuation">}token punctuation">, secrettoken punctuation">)
token keyword">const token function-variable function">verifyToken token operator">= token punctuation">(reqtoken punctuation">, restoken punctuation">, nexttoken punctuation">) token operator">=> token punctuation">{
token keyword">const bearerHeader token operator">= reqtoken punctuation">.headerstoken punctuation">.authorization
token keyword">if token punctuation">(token keyword">typeof bearerHeader token operator">!== token string">'undefined'token punctuation">) token punctuation">{
reqtoken punctuation">.token token operator">= bearerHeadertoken punctuation">.token function">splittoken punctuation">(token string">' 'token punctuation">)token punctuation">[token number">1token punctuation">]
token function">nexttoken punctuation">(token punctuation">)
token punctuation">} token keyword">else token punctuation">{
restoken punctuation">.token function">statustoken punctuation">(token number">401token punctuation">)token punctuation">.token function">sendtoken punctuation">(token punctuation">{
messagetoken punctuation">: token string">'请先登录'
token punctuation">}token punctuation">)
token punctuation">}
token punctuation">}
routertoken punctuation">.token function">posttoken punctuation">(token string">'/logout'token punctuation">, verifyTokentoken punctuation">, token punctuation">(reqtoken punctuation">, restoken punctuation">) token operator">=> token punctuation">{
jwTokentoken punctuation">.token function">verifytoken punctuation">(reqtoken punctuation">.tokentoken punctuation">, secrettoken punctuation">, token punctuation">(errtoken punctuation">, datatoken punctuation">) token operator">=> token punctuation">{
token keyword">if token punctuation">(token operator">!errtoken punctuation">) token punctuation">{
token comment">//token正确,做些事情
restoken punctuation">.token function">jsontoken punctuation">(token punctuation">{messagetoken punctuation">: token string">'退出登录'token punctuation">, datatoken punctuation">}token punctuation">)
token punctuation">} token keyword">elsetoken punctuation">{
token comment">//token不正确,返回401
restoken punctuation">.token function">statustoken punctuation">(token number">401token punctuation">)token punctuation">.token function">sendtoken punctuation">(token punctuation">)
token punctuation">}
token punctuation">}token punctuation">)
token punctuation">}token punctuation">)
结语
如果对你有帮助的话,请点一个赞吧