-
安裝必要模塊
npm i passport-jwt -s
-
建立passport驗證token模塊
//引入passport-jwt模塊
const JwtStrategy = require('passport-jwt').Strategy,
ExtractJwt = require('passport-jwt').ExtractJwt
const mysql = require('mysql')
const connection = require('./mysql')
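// Options handed to passport-jwt's JwtStrategy.
const opts = {
  // Read the token from the "Authorization: Bearer <token>" request header.
  jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
  // NOTE(review): the signing secret is a short literal committed with the
  // code, and the same literal is repeated in the /login handler. Anyone who
  // can read the source can mint valid tokens. Load one long random value
  // from configuration or a secret store and share it between both places.
  secretOrKey: "kuaidian",
  // Accept only HS256, which is what jwt.sign() produces by default for a
  // string secret. Confirm no other issuer signs with a different algorithm.
  algorithms: ['HS256'],
};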
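/**
 * Registers the JWT strategy on the given passport instance.
 *
 * After passport-jwt has verified the token, the verify callback looks up the
 * account named in the payload and hands the matching rows to passport
 * (the /userInfo handler reads them as `req.user[0]`).
 *
 * @param {object} passport - passport instance to configure.
 */
module.exports = passport => {
  passport.use(new JwtStrategy(opts, function (jwt_payload, done) {
    const username = jwt_payload.username;

    // The payload is signed, but its username was copied verbatim from the
    // login request body, so it is still attacker-influenced text. Require a
    // string and bind it through placeholders instead of concatenating it.
    if (typeof username !== 'string') {
      return done(null, false);
    }

    // Assumes ./mysql exports a connection or pool from the `mysql` package,
    // whose query() accepts a values array for `?` placeholders.
    const sql = 'SELECT * FROM users WHERE username = ? OR phonenum = ?';
    connection.query(sql, [username, username], (err, rows, fields) => {
      if (err) {
        console.log('[query] - :' + err);
        // A verify callback has no `res`; report the failure through done().
        return done(err);
      }
      // An empty result set is still a truthy array, so test its length;
      // otherwise a token for a deleted or unknown user would authenticate.
      if (rows && rows.length > 0) {
        return done(null, rows);
      }
      return done(null, false);
    });
  }));
};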
-
JWT簽名
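/**
 * POST /login: checks the submitted credentials and, on success, returns a
 * signed JWT prefixed with "Bearer ".
 *
 * Request body: `username` (account name or phone number) and `password`.
 * Responds with `{ success, message, ... }` JSON in every case.
 */
router.post('/login', (req, res, next) => {
  const body = req.body || {};
  const username = body.username;
  const rawPassword = body.password;

  // Only plain strings may reach the query. A JSON body can carry objects or
  // arrays, which the mysql driver expands differently from scalar values.
  if (typeof username !== 'string' || typeof rawPassword !== 'string') {
    return res.json({ success: false, message: '登錄失敗!賬號或密碼錯誤。' });
  }

  // NOTE(review): double MD5 is an unsalted, fast hash and is unsuitable for
  // password storage. It is kept because the stored values presumably use it;
  // plan a migration to a dedicated password-hashing function.
  const password = md5(md5(rawPassword));

  // Two fixes over string concatenation:
  //  - `?` placeholders keep user input out of the SQL text;
  //  - the parentheses matter because AND binds tighter than OR. Without
  //    them a matching username alone satisfied the WHERE clause and the
  //    password was only checked on the phone-number branch.
  // NOTE(review): this handler reads `pre_common_member` while the passport
  // strategy on this page reads `users`. Confirm both hold the same accounts.
  const sql =
    'SELECT * FROM pre_common_member WHERE (username = ? OR phonenum = ?) AND password = ?';

  connection.query(sql, [username, username, password], (err, rows, fields) => {
    if (err) {
      console.log('[query] - :' + err);
      // Send an object, as the other branches do, not a pre-quoted string.
      return res.json({ success: false, message: '登錄失敗!' });
    }

    if (Array.isArray(rows) && rows.length > 0) {
      // Sign a JWT carrying the login name.
      const rule = { username: username };
      // NOTE(review): hard-coded signing secret, duplicated from the passport
      // options. Load it from configuration or a secret store instead.
      const keys = 'kuaidian';
      // A numeric expiresIn is in seconds, so the token lives for 8 minutes.
      jwt.sign(rule, keys, { expiresIn: 60 * 8 }, (signErr, token) => {
        if (signErr) {
          // Throwing inside this callback would escape Express error
          // handling, so forward the error instead.
          return next(signErr);
        }
        res.json({ success: true, message: '成功登錄!', username: username, token: "Bearer " + token });
      });
    } else {
      return res.json({ success: false, message: '登錄失敗!賬號或密碼錯誤。' });
    }
  });
});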
-
JWT token 驗證
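// GET /userInfo: passport's "jwt" strategy verifies the bearer token first.
// The handler then returns a fixed set of profile fields for that user.
router.get('/userInfo', passport.authenticate("jwt", { session: false }), (req, res, next) => {
  // The strategy passes the raw query rows, so the account is the first row.
  // Guard against a missing row instead of throwing on `undefined`.
  const user = req.user && req.user[0];
  if (!user) {
    return res.sendStatus(401);
  }

  // Copy named fields only. The row comes from `SELECT *`, so it may also
  // hold columns (such as the password hash) that must never be returned.
  const { tag, username, type, phonenum, qq, address, name } = user;
  res.json({ tag, username, type, phonenum, qq, address, name });
});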