我想知道用户是否经过身份验证' jwt'在中间件中。有没有像req.isAuthenticated()类似于passportjs的方法?
module.exports = function(app){
return function(req, res, next){
// How to implement the below step?
var isAuthenticated = app.use(jwt({secret: app.get('jwtTokenSecret')}))
if(isAuthenticated){
// do some logic
}
}
}
答案 0 :(得分:1)
是的!
1)您可以使用express-jwt模块。查看https://github.com/auth0/express-jwt
2)你可以这样做:
//get the authorization token from the request headers, or from a cookie
if (req.headers && req.headers.authorization) {
var parts = req.headers.authorization.split(' ');
if (parts.length == 2) {
var scheme = parts[0];
var credentials = parts[1];
if (/^Bearer$/i.test(scheme)) {
token = credentials;
}
}
}
else if(req.cookies && req.cookies.token)
{
token = req.cookies.token;
}
...
jwt.verify(token, config.secrets.session, function(err, decoded) {
//isAuthenticated is in here
});