接口搭建,登陆注册
- login 登陆, 只要查到一个用户就返回,对用户进行密码验证,成功就返回token
router.post('/login', (req, res) => {
const uObj = req.body;
// 查询数据库
User.findOne({ email: uObj.email })
.then(user => {
if (!user) {
res.status(200).json({
code: 1,
msg: '用户不存在!'
})
}
// 密码匹配
bcrypt.compare(uObj.password, user.password)
.then(isMatch => {
if (isMatch) {
res.status(200).json({
code: 0,
msg: `登陆成功, 欢迎您:${user.name}`,
});
} else {
res.status(200).json({
code: 1,
msg: '用户密码错误!'
})
}
})
})
})
- token 写法, jwt passport
npm install jsonwebtoken
jwt.sign("规则", "加密名字", "过期时间", "箭头函数");
// jwt.sign("规则", "加密名字", "过期时间", "箭头函数");
// 规则
const rule = { id:user.id, name:user.name }
jwt.sign(rule, keys.secretOrKey, {expiresIn: 3600}, (err, token) => {
if(err) throw err;
res.status(200).json({
code: 0,
msg: `登陆成功, 欢迎您:${user.name}`,
token: token
});
});
- 验证token的写法
需要安装passport-jwt ,passportnpm install passport-jwt passport
记得去引用
在server.js中记得引用
const passport = require('passport'); // passport
// passport 初始化
app.use(passport.initialize());
require('./config/passport')(passport);
创建一个passport.js 文件
const passportJwt = require("passport-jwt");
const JwtStrategy = passportJwt.Strategy,
ExtractJwt = passportJwt.ExtractJwt;
const mongoose = require('mongoose');
const User = mongoose.model('users');
const keys = require('./keys');
const opts = {}
opts.jwtFromRequest = ExtractJwt.fromAuthHeaderAsBearerToken();
opts.secretOrKey = keys.secretOrKey;
module.exports = passport => {
passport.use(new JwtStrategy(opts, (jwt_payload, done) => {
console.log(jwt_payload);
}));
}
阿斯顿
res.status(200).json({
code: 0,
msg: `登陆成功, 欢迎您:${user.name}`,
token: "Bearer " + token // Bearer 是规定的验证
});
image.png
image.png
// $route GET api/users/current 验证用户返回用户数据
// @desc return current user
// @access private
router.get('/current', passport.authenticate('jwt', { session: false }), (req, res) => {
res.status(200).json({
code: 0,
msg: '用户验证通过!',
data: {
id: req.user.id,
name: req.user.name,
email: req.user.email
}
});
});
多增加一个验证的身份验证
identity: {
type: String,
required: true
},