zoukankan      html  css  js  c++  java

  • nodejs添加jsonwebtoken验证

    具体使用模块:

    使用compression压缩处理请求响应、cors模块添加跨域、helmet安全模块、body-parser解析请求参数、jsonwebtoken用于生成及校验token、使用内置cluster模块开启多进程模式,具体源码如下:

    1、项目组成

    2、具体源码

    server.js:

    // =================================================================
// get the packages we need ========================================
// =================================================================
var express = require('express');
var app = express();
var bodyParser = require('body-parser');
var morgan = require('morgan');
var mongoose = require('mongoose');
var cors = require('cors'); //cors支持
var compression = require('compression'); //压缩
var helmet = require('helmet'); //安全插件

var config = require('./config'); // get our config file
var User = require('./app/models/user'); // get our mongoose model
var Routes = require('./routes'); // get our mongoose model
var Authorize = require('./routes/authorize'); // get token model
var CheckToken = require('./routes/checktoken'); // check token model
var Signup = require('./routes/signup'); // signup model

// =================================================================
// configuration ===================================================
// =================================================================
var port = process.env.PORT || 8080; // used to create, sign, and verify tokens
mongoose.connect(config.database); // connect to database

// use body parser so we can get info from POST and/or URL parameters
app.use(bodyParser.urlencoded({ extended: false }));
app.use(bodyParser.json());

// use morgan to log requests to the console
app.use(morgan('common'));

app.use(helmet());

//启用cors
app.use(cors({
    origin: ['http://localhost:8080'],
    methods: ['GET', 'POST'],
    alloweHeaders: ['Conten-Type', 'x-access-token']
}));

app.use(compression());

//受token保护的路由
app.use("/api", CheckToken);
Routes(app);

// =================================================================
// start the server ================================================
// =================================================================
app.listen(port, function() {
    console.log('My Api is running...');
});

    config.js:

    module.exports = {

	'secret': 'ilovescotchyscotch',
	'database': 'mongodb://127.0.0.1:27017/tokenApi'
	
};

    cluster.js:

    var cluster = require('cluster');
var os = require('os');

const CPUS = os.cpus();

if (cluster.isMaster) {
    CPUS.forEach(function() {
        cluster.fork();
    });
    cluster.on('listening', function(worker) {
        console.log('Cluster %d connected', worker.process.pid);
    });

    cluster.on('disconnect', function(worker) {
        console.log('Cluster %d disconnected', worker.process.pid);
    });

    cluster.on('exit', function(worker) {
        console.log('Cluster %d dead', worker.process.pid);
        // Ensuring a new cluster will start if an old one dies
        cluster.fork();
    });
} else {
    require("./server");
}

    其他源码已上传至githubhttps://github.com/caiya/node-token-authentication-api

    注册:

    访问受保护的路由:

    根据用户名密码获取token:

    发送错误的token:

    发送正确的token:
  • 相关阅读:
    URL域名获取
    SQL Server 索引结构及其使用(二)
    SQL Server 索引结构及其使用(一)[转]
    查询数据库中所有表的数据量、有效数据量以及其它定制数据量
    转:Servlet的url匹配以及url-pattern详解
    转:在MyEclipse下创建Java Web项目 入门(图文并茂)经典教程
    MyEclipse +Servlet 乱码
    MyEclipse +Tomcat 异常操作
    Android Include标签
    转ATL对象类型
  • 原文地址:https://www.cnblogs.com/vipzhou/p/6656661.html
Copyright © 2011-2022 走看看