jsonwebtoken没有检索令牌

时间:2017-05-15 06:24:36

标签: javascript json node.js express json-web-token

我正在使用nodejs和sequelize来创建简单的用户注册,我已经登录并注册,但是当登录成功时我没有得到任何令牌。

我已经尝试使用console.log来查看令牌,看看我是否得到了一些结果,但控制台中没有与令牌相关的响应。

这是我的代码:

var express = require('express');
var User = require('../../models').User;
var router = express.Router();
var jwt = require('jsonwebtoken');
var app = require('../../app');

/*var token = jwt.sign(user, app.get('superSecret'), {
  expiresInMinutes: 1440 // expires in 24 hours
});*/

router.post('/', function (req, res, next) {
  if (JSON.stringify(req.body) == "{}") {
    return res.status(400).json({ Error: "Login request body is empty" });
  }
  if (!req.body.username || !req.body.password) {
    return res.status(400).json({ Error: "Missing fields for login" });
  }


  // search a user to login
  User.findOne({ where: { username: req.body.username} }) // searching a user with the same username and password sended in req.body
    .then(function (user) {
      if (user && user.validPassword(req.body.password)) {
        //return res.status(200).json({ message: "loged in!" }); // username and password match

        // create a token
        var token = jwt.sign(user, app.get('superSecret'), {
          expiresInMinutes: 1440 // expires in 24 hours
        });

        // return the information including token as JSON
        res.json({
          success: true,
          message: 'Enjoy your token!',
          token: token
        });
      }
      else{
        return res.status(401).json({ message: "Unauthorized" }); // if there is no user with specific fields send
      }
    }).catch(function (err) {
      return res.status(500).json({ message: "server issues when trying to login!" }); // server problems
    });
});

module.exports = router;

1 个答案:

答案 0 :(得分:0)

你应该使用express-jwt库。 https://www.npmjs.com/package/express-jwt 它是express的中间件。例如:

    var jwt = require('express-jwt');

    app.get('/protected',
          jwt({secret: 'shhhhhhared-secret',
               credentialsRequired: false,
               getToken: (req) => req.cookies.id_token // when cookies are using. 'id_token' is cookie's name
    }),
          function(req, res) {
            if (!req.user.admin) return res.sendStatus(401);
            res.sendStatus(200);
          });

你也可以写成app.use(...)或app.anyRequest(...)