nodeJs+jwt实现小程序tonken鉴权
自我记录
config\config.js
module.exports = {
DBHOST: '127.0.0.1',
DBPORT: '27017',
DBNAME: 'test',
secret: 'xxxxx',
AppID: 'xxxxx',
}
token中间件
middlewares\checkTokenMiddleware.js
const jwt = require('jsonwebtoken');
const {secret} = require('../config/config');
module.exports = (req, res, next) => {
const Authorization = req.get('Authorization');
if (!Authorization) {
return res.json({
code: 401,
msg: '暂无权限',
data: null
})
}
const token = Authorization.split(' ')[1]
jwt.verify(token, secret, (err, data) => {
if (err) {
return res.json({
code: 403,
msg: 'token失效',
data: null
})
}
req.user = data;
next();
});
}
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
routes路由文件
routes\user.js
const express = require('express');
const router = express.Router();
const user_handler = require('../router_handler/user');
router.post('/reguser', user_handler.reguser);
router.post('/login', user_handler.login);
router.post('/logout',user_handler.logout );
module.exports = router;
user路由函数
router_handler\user.js
const UserModel = require('../models/UserModel');
const { secret, AppID } = require('../config/config')
const jwt = require('jsonwebtoken');
const request = require('request')
const shortid = require('shortid');
exports.reguser = async (req, res) => {
try {
const js_code = req.body.code;
if (!js_code) {
return res.json({
code: 400,
message: '缺少 js_code 参数'
});
}
sendRequest(js_code, handleResponse(res));
} catch (err) {
console.error('Error registering user:', err);
res.json({
code: 400,
msg: '注册失败,请稍后再试~~',
data: null
});
}
}
const sendRequest = (js_code, callback) => {
request(`https://api.weixin.qq.com/sns/jscode2session?appid=${AppID}&secret=${secret}&js_code=${js_code}&grant_type=authorization_code`, callback);
}
const handleResponse = (res) => {
return async (error, response, body) => {
if (error) {
console.error('Error sending request:', error);
return res.json({
code: 500,
message: '请求失败,请稍后再试~~'
});
}
if (response.statusCode !== 200) {
return res.json({
code: 400,
message: '获取用户信息失败'
});
}
try {
const bodyInfo = JSON.parse(body);
const openId = bodyInfo.openid;
if (!openId) {
return res.json({
code: 400,
msg: 'code失效',
data: null
});
}
const userData = await UserModel.findOne({ openId });
if (userData) {
const token = await getToken(userData.openId, userData.id)
const result = await UserModel.updateOne({ id: userData.id }, { token: token })
if (!result.acknowledged) {
throw new Error('写入操作未被确认');
}
return res.json({
code: 200,
msg: '该用户已存在并生成新的token',
data: token
});
}
const id = shortid.generate()
const token = await getToken(openId, id)
const data = await UserModel.create({ openId, token, id });
res.json({
code: 200,
msg: '获取成功',
data: data.token
});
} catch (err) {
console.error('Error registering user:', err);
res.json({
code: 400,
msg: '注册失败,请稍后再试~~',
data: null
});
}
};
}
const getToken = async (openId, id) => {
return await jwt.sign({
openId,
id
}, secret, {
expiresIn: 60 * 60 * 24 * 7
});
}
exports.login = async (req, res) => {
try {
const { openId } = req.body;
const data = await UserModel.findOne({ openId });
if (!data) {
return res.json({
code: 400,
msg: '用户名或密码错误',
data: null
});
}
const token = await getToken(data.openId, data.id)
res.json({
code: 200,
msg: '登录成功',
data: token
});
} catch (err) {
console.error('Error logging in:', err);
res.json({
code: 500,
msg: '登录失败',
data: null
});
}
}
exports.logout = async (req, res) => {
try {
await new Promise((resolve, reject) => {
req.token.destroy((err) => {
if (err) {
reject(err);
} else {
resolve();
}
});
});
res.json({
code: 200,
msg: '退出成功',
data: null
});
} catch (err) {
console.error('Error logging out:', err);
res.json({
code: 500,
msg: '退出失败',
data: null
});
}
}
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
- 54
- 55
- 56
- 57
- 58
- 59
- 60
- 61
- 62
- 63
- 64
- 65
- 66
- 67
- 68
- 69
- 70
- 71
- 72
- 73
- 74
- 75
- 76
- 77
- 78
- 79
- 80
- 81
- 82
- 83
- 84
- 85
- 86
- 87
- 88
- 89
- 90
- 91
- 92
- 93
- 94
- 95
- 96
- 97
- 98
- 99
- 100
- 101
- 102
- 103
- 104
- 105
- 106
- 107
- 108
- 109
- 110
- 111
- 112
- 113
- 114
- 115
- 116
- 117
- 118
- 119
- 120
- 121
- 122
- 123
- 124
- 125
- 126
- 127
- 128
- 129
- 130
- 131
- 132
- 133
- 134
- 135
- 136
- 137
- 138
- 139
- 140
- 141
- 142
- 143
- 144
- 145
- 146
- 147
- 148
- 149
- 150
- 151
- 152
- 153
- 154
- 155
- 156
- 157
- 158
- 159
- 160
- 161
- 162
- 163
- 164
- 165
- 166
- 167
- 168
- 169
- 170
权限相关
展示openId 对应用户的书籍信息
书籍路由文件
routes\book.js
const express = require('express')
const router = express.Router()
const book_handler = require('../router_handler/book')
const checkTokenMiddleware = require('../middlewares/checkTokenMiddleware')
router.post('/addbook',checkTokenMiddleware, book_handler.addBook)
router.get('/getBook',checkTokenMiddleware, book_handler.getBook);
router.get('/book/:id',checkTokenMiddleware, book_handler.getOneBook);
router.delete('/book/:id',checkTokenMiddleware, book_handler.delBook);
module.exports = router
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
书籍路由函数
router_handler\book.js
const BookModel = require('../models/BookModel');
exports.addBook = async (req, res) => {
try {
const data = await BookModel.create({
...req.body, user: req.user.openId
})
return res.json({ code: 200, message: "添加成功", data: data });
} catch (err) {
console.error("Error creating book:", err);
return res.json({ code: 500, message: "添加失败", error: err.message });
}
}
exports.getBook = async (req, res) => {
try {
const data = await BookModel.find({ user: req.user.openId })
return res.json({ code: 200, message: "查询成功", data });
} catch (err) {
console.error("Error creating book:", err);
return res.json({ code: 500, message: "查询失败", error: err.message });
}
}
exports.getOneBook = async (req, res) => {
let { id } = req.params;
let { openId } = req.user
try {
const data = await BookModel.findOne({ _id: id, user: openId })
if (!data) {
return res.json({ code: 404, message: "未找到匹配的书籍" });
}
return res.json({ code: 200, message: "查询成功", data });
} catch (err) {
console.error("Error creating book:", err);
return res.json({ code: 500, message: "查询失败", error: err.message });
}
}
exports.delBook = async (req, res) => {
let { id } = req.params;
let { openId } = req.user
try {
const result = await BookModel.deleteOne({ _id: id, user: openId })
if (result.deletedCount === 1) {
return res.json({ code: 200, message: "删除成功", data: {} });
} else {
return res.json({ code: 404, message: "未找到匹配的文档" });
}
} catch (err) {
console.error("Error deleting book:", err);
return res.json({ code: 500, message: "删除失败", error: err.message });
}
}
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
- 54
- 55
- 56
- 57
- 58
声明文档
const mongoose = require('mongoose')
let UserSchema = new mongoose.Schema({
openId: String,
token: String,
id: String,
});
let UserModel = mongoose.model("users", UserSchema);
module.exports = UserModel
-------------------------------------------------------书籍相关----------------------------------
const mongoose = require('mongoose')
let BookSchema = new mongoose.Schema({
name: {
type: String,
required: true,
unique: true
},
author: {
type: String,
default: '匿名'
},
gender: {
type: String,
enum: ['男', '女']
},
price: Number,
is_hot: Boolean,
user: {
type: String,
required: true
},
});
let BookModel = mongoose.model("books", BookSchema);
module.exports = BookModel
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
效果图
