【发布时间】:2022-01-18 09:37:08
【问题描述】:
我有以下代码我想添加刷新令牌。我怎样才能添加它?
我也在征求关于如何提高授权方法质量的建议。
不幸的是,我的尝试总是以错误或缺少特定操作而告终。
这是我的sn-p代码:
const path = require('path');
const express = require('express');
const bodyParser = require('body-parser');
const urlencodedParser = bodyParser.urlencoded({ extended: false });
const mysql = require('mysql2');
const jwt = require('jsonwebtoken');
require('dotenv').config();
const TOKEN_SECRET = process.env.TOKEN_SECRET;
const app = express();
app.use(express.json());
const pathPublic = path.join(__dirname, '../public');
app.use(express.static(pathPublic));
app.post('/login', urlencodedParser, (req, res) => {
res.get(req.body.username + req.body.password);
const users = {
username: req.body.username,
password: req.body.password
};
// Connect to MySql
const db = require('./dbconnect');
// Select user:
const post = [users.username, users.password]
const sql = 'SELECT * FROM users WHERE name = ? AND password = ?';
const query = db.query(sql, post, (err, results) => {
if (err) {
throw err;
} else if (results.length >= 1) {
console.log("Successful login!!");
const token = generateAccessToken({ username: users.username });
res.redirect(`/admin?token=${token}`);
} else if (results.length <= 0) {
console.log("Not find user");
}
})
})
function generateAccessToken(username) {
return jwt.sign(username, TOKEN_SECRET, { expiresIn: '600s' });
}
function authenticateToken(req, res, next) {
token = req.query.token;
if (token == null) return res.sendStatus(401);
jwt.verify(token, TOKEN_SECRET, (err, user) => {
if (err) console.log(err);
if (err) return res.sendStatus(403);
req.user = user;
next();
});
}
app.get('/admin', authenticateToken, (req, res) => {
res.send('admin panel');
});
【问题讨论】:
-
请编辑问题以将其限制为具有足够详细信息的特定问题,以确定适当的答案。