安全认证

[TOC]

库

CORS：解决跨域问题

https://github.com/expressjs/cors

JWT：基于Token的认证

https://github.com/auth0/express-jwt

MD5

https://github.com/blueimp/JavaScript-MD5

资料

基于 session 和基于 token 的用户认证方式到底该如何选择？

https://www.v2ex.com/t/276207

JWT

JWT介绍

https://github.com/bigmeow/JWT

VUE JWT 案例

https://github.com/auth0-blog/vue-jwt-authentication
https://github.com/auth0-blog/nodejs-jwt-authentication-sample
https://github.com/ZhihaoLau/vue-jwt-authenticate-sample

auth0/node-jsonwebtoken

https://github.com/auth0/node-jsonwebtoken

auth0/socketio-jwt

https://github.com/auth0/socketio-jwt

JWT unless正则表达式（Node）

let expressJwt = require('express-jwt')
app.use(expressJwt({secret: process.env.AUTH_KEY}).
unless({path: ['/api/login', '/api/register', /^\/api\/external\/.*/]}));

https://cmsdk.com/node-js/expressjwt-unless-condition-is-not-being-honored-using-mochachai.html

使用JWT验证Token，除了获取Token的API

app.use(jwtCheck({secret:config.token_secret}).unless({path:[/^\/users\/.*/]}));

八幅漫画理解使用JSON Web Token设计单点登录系统

http://blog.leapoahead.com/2015/09/07/user-authentication-with-jwt/

OAuth2.0 和 JWT学习值得细看的文章和资源整理

http://www.moell.cn/article/28

服务器加密

Node.js 服务器的加密技术

https://www.jianshu.com/p/a8b87e436ac7