一、 安装
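# Dependencies for the demo: Express, request-body parsing, Passport with the
# JWT strategy plus the token library, and EJS templates.
# (The original listing installed express twice; once is enough.)
npm install express --save
npm install body-parser --save
npm install passport passport-jwt jsonwebtoken --save
npm install ejs --save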
二、passport-jwt策略
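// Options for the passport-jwt strategy.
const jwtOptions = {
  // Read the token from the "Authorization: Bearer <token>" request header.
  jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
  // Key used to verify token signatures; the /login route signs with the same value.
  // NOTE(review): 'jwt' is a demo placeholder. Anyone who knows or guesses this
  // value can sign a token the server will accept, so a real deployment should
  // load a long random secret from configuration instead of source code.
  secretOrKey: 'jwt',
  // Accept only the algorithm the tokens are issued with (HS256 is what
  // jwt.sign() uses by default with a string secret).
  algorithms: ['HS256'],
};

// Verify callback: runs after passport-jwt has checked the token's signature and
// expiry, and decides which user (if any) the decoded payload belongs to.
passport.use(new JwtStrategy(jwtOptions, (payload, done) => {
  // Look up the user. Hard-coded here for the demo; a real application would
  // query its user store and keep only a password hash.
  const user = {
    id: 1,
    username: 'admin',
    password: 'pass',
  };
  if (payload.username !== user.username) {
    return done(null, false, { message: 'incorrect username' });
  }
  // NOTE(review): this comparison only works because /login copies the plaintext
  // password into the token. A JWT payload is signed, not encrypted, so every
  // holder of the token can read it. The usual design checks the password once
  // at login and puts only an identifier (e.g. the user id) in the payload.
  if (payload.password !== user.password) {
    // Was 'incorrect username' (copy-paste slip): report the check that failed.
    return done(null, false, { message: 'incorrect password' });
  }
  // The whole user object, password included, is handed to passport here;
  // the /user route on this page reads it back as req.user.
  return done(null, user);
}));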
// Session hooks: both pass the user object through unchanged.
// The /user route on this page authenticates with { session: false }.
passport.serializeUser((account, next) => {
  next(null, account);
});
passport.deserializeUser((account, next) => {
  next(null, account);
});
三、路由
// Routes
// Landing page: renders the "index" view with a page title.
app.get('/', (request, response) => {
  const viewData = { title: '登录面' };
  response.render('index', viewData);
});
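// Login: issues a signed JWT for the submitted credentials.
app.post('/login', (req, res) => {
  // Submitted credentials, as parsed by the body-parsing middleware.
  const user = req.body || {};
  // Reject requests without string credentials (missing fields, or repeated
  // form fields that parse as arrays) before anything is signed.
  if (typeof user.username !== 'string' || typeof user.password !== 'string') {
    return res.status(400).json({ message: 'username and password are required' });
  }
  // Verify the user against the user store here.
  // ...
  // NOTE(review): as written nothing is checked at this point; a token is signed
  // for whatever was posted, and the credential comparison only happens later in
  // the JwtStrategy verify callback. The token should be issued only after this
  // check has succeeded.
  // Verification succeeded
  const payload = {
    username: user.username,
    // NOTE(review): the JWT payload is base64url-encoded and signed, not
    // encrypted, so the plaintext password is readable by anyone who sees the
    // token. The verify callback on this page compares payload.password, so
    // dropping this field requires changing that callback at the same time.
    password: user.password,
  };
  // Generate the token.
  const token = jwt.sign(payload, jwtOptions.secretOrKey, {
    // jsonwebtoken reads a numeric expiresIn as SECONDS. The original
    // 1000*60*60 was therefore about 41 days, not the one hour it presumably
    // intended in milliseconds.
    expiresIn: 60 * 60,
  });
  return res.json({
    token: 'Bearer ' + token,
  });
});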
// Protected route: the 'jwt' strategy runs first, without session support,
// and the handler is reached only when it accepts the request.
const requireJwt = passport.authenticate('jwt', { session: false });
app.get('/user', requireJwt, (request, response) => {
  // Return only the username, not the whole user object set by the strategy.
  const { username } = request.user;
  response.json({ user: username });
});
// Renders the "auth_jwt" view; no authentication middleware on this route.
app.get('/auth_jwt', (request, response) => {
  response.render('auth_jwt');
});
四、完整代码app.js
const express = require('express');
const ejs = require('ejs');
const bodyParser = require('body-parser');
const jwt = require('jsonwebtoken');
const passport = require('passport');
const passportJwt = require('passport-jwt');
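const app = express();
// Names used by the strategy section, taken from the passport-jwt module
// required above (the original listing never defined them).
const { Strategy: JwtStrategy, ExtractJwt } = passportJwt;
// Strategy
// ... (jwtOptions and passport.use(new JwtStrategy(...)) from the strategy section)
// Templates
app.set('view engine', 'ejs');
app.engine('ejs', ejs.renderFile);
// Middleware
app.use(express.static('public'));
// Register the JSON and URL-encoded parsers explicitly: the bare
// bodyParser(options) call is deprecated and was shorthand for these two.
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: false }));
app.use(passport.initialize());
// Routes
// ...
// No host argument is given, so the server listens on all network interfaces;
// pass '127.0.0.1' as the second argument to keep a demo local-only.
const server = app.listen(4000, () => {
  const { address: host, port } = server.address();
  console.log(`app listening on:${host}:${port}`);
});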