1.安装
# Add the egg-jwt and egg-cors plugins to the project's dependencies.
npm install egg-jwt egg-cors --save
2.配置
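// config/config.default.js
// Both plugins are assumed to be enabled in config/plugin.js (not shown on this page).

// Anyone who knows the signing secret can mint a valid token for any user id,
// so it is read from the environment instead of being committed to the
// repository as a short, guessable literal.
const jwtSecret = process.env.JWT_SECRET;
if (!jwtSecret) {
  throw new Error('JWT_SECRET environment variable must be set');
}

config.jwt = {
  secret: jwtSecret,
  enable: true, // default is false
  match: '/jwt', // optional
  expiresIn: '24h', // token lifetime, read by the login controller when signing
};

// Security settings (https://eggjs.org/zh-cn/core/security.html)
config.security = {
  csrf: {
    // CSRF protection is switched off. That is only reasonable while every
    // state-changing route authenticates through the Authorization header and
    // never through cookies; re-enable it if cookie sessions are added.
    enable: false,
    ignoreJSON: true,
  },
  domainWhiteList: [ 'http://localhost:8080' ], // origins allowed to call the API
};

// CORS settings
config.cors = {
  // `origin` is intentionally left unset: when it is set (the original used
  // '*'), egg-cors uses it and ignores security.domainWhiteList, so every
  // origin was allowed and the whitelist above had no effect.
  allowMethods: 'GET,HEAD,PUT,POST,DELETE,PATCH',
};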
3.路由
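'use strict';

/**
 * Registers the login routes.
 *
 * @param {object} app - Egg application; supplies the router, the controllers
 *   and the middleware factories.
 */
module.exports = app => {
  const { router, controller: { login }, middleware } = app;

  // Token-checking middleware, built from the same JWT settings used for signing.
  const jwt = middleware.jwtCheck(app.config.jwt);

  // Route paths need the leading slash: the requests on this page go to
  // /login and /login/test, and a pattern written as `login` never matches them.
  router.post('/login', login.index); // public: log in, returns token and user info
  router.get('/login/test', jwt, login.test); // protected: decodes and verifies the token
};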
4.登录得到 token 等用户信息
请求(post):http://localhost:7001/login
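// controller/login.js
'use strict';

const Controller = require('../core/baseController');

/**
 * Login controller: issues a JWT after a successful login and exposes a test
 * endpoint that echoes the payload of an already verified token.
 */
class HomeController extends Controller {
  /**
   * Log in: validate the submitted credentials, look the user up and, on
   * success, answer with a signed token plus the user record.
   */
  async index() {
    const { ctx, app } = this;

    // Pick out only the two expected fields. The whole request body must not
    // reach the query below, otherwise the client decides which columns are
    // filtered on.
    const { username, password } = ctx.request.body || {};
    const credentials = { username, password };

    // Presence/type check; validate() yields a list of errors when it fails.
    const errArr = app.validator.validate({
      username: 'string',
      password: 'string',
    }, credentials);
    if (errArr) {
      this.$error(JSON.stringify(errArr));
      return;
    }

    try {
      // NOTE(review): matching on `password` directly implies the users table
      // holds plaintext passwords. Store a salted password hash instead, look
      // the user up by username only and compare hashes.
      const data = await ctx.model.User.findAll({ where: credentials });
      if (data.length === 0) {
        this.$error('用户名或密码不正确');
        return;
      }

      const user = data[0];
      // Sign with the configured secret and lifetime; the payload carries only the id.
      const { jwt: { secret, expiresIn } } = app.config;
      const token = app.jwt.sign({ id: user.id }, secret, { expiresIn });

      // Work on a plain copy and drop the password so it is never sent back
      // to the client.
      const safeUser = typeof user.toJSON === 'function' ? user.toJSON() : { ...user };
      delete safeUser.password;

      this.$success({ token, user: safeUser });
    } catch (err) {
      // Keep the details in the server log; echoing the raw error would hand
      // database/driver internals to the caller.
      ctx.logger.error(err);
      this.$error('登录失败,请稍后重试');
    }
  }

  /**
   * Token check endpoint: returns ctx.state.user, which the jwtCheck
   * middleware fills with the decoded token payload.
   */
  async test() {
    const { ctx } = this;
    ctx.body = { code: 201, msg: '验证成功', data: ctx.state.user };
    console.log(' user +++', ctx.state.user);
  }
}

module.exports = HomeController;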
5.解码验证
请求(get):http://localhost:7001/login/test(请求头 authorization 中带上登录返回的 token)
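// middleware/jwtCheck.js
'use strict';

/**
 * Builds a middleware that only lets requests with a valid JWT through.
 *
 * @param {object} options - JWT settings; `options.secret` must be the secret
 *   the token was signed with.
 * @returns {Function} async (ctx, next) middleware; answers 401 when the
 *   Authorization header is missing or the token fails verification.
 */
module.exports = options => {
  return async function jwtErr(ctx, next) {
    const headerStr = ctx.request.header.authorization;
    if (!headerStr) {
      ctx.status = 401;
      ctx.body = {
        code: -1,
        msg: 'no header token',
      };
      return;
    }

    // Accept a bare token as well as the conventional "Bearer <token>" form.
    const token = headerStr.replace(/^Bearer\s+/i, '').trim();

    let decode;
    try {
      // Verification needs the same secret that was used for signing.
      decode = ctx.app.jwt.verify(token, options.secret);
    } catch (error) {
      ctx.status = 401;
      ctx.body = {
        code: -1,
        msg: error.message,
      };
      return;
    }

    // Expose the decoded payload to the downstream handlers.
    ctx.state.user = decode;

    // next() runs outside the try block on purpose: an exception thrown by a
    // downstream handler is not an authentication failure and must not be
    // turned into a 401 that echoes its message to the client.
    await next();
  };
};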
以上几步用 egg-jwt 实现了:登录获取 token,之后请求时携带 token 验证身份,并把解码结果存入 ctx.state.user,供后面的业务使用。
.