我正在尝试在应用程序中实现登录功能。目前,我可以注册一个登录名,生成一个jwt令牌。但是,我不知道如何将此令牌存储在cookie(或本地存储)中。我有一个中间件,它要求用户在每个私有请求中发送一个令牌。在邮递员中,我可以将“ x-auth-token”和一个令牌放在标头中。许多教程使用护照,cookie解析器,这似乎有点复杂。还有其他更简单的方法吗?我在快速文档中看到也有res.cookie('x-auth-token', token);可用,我尝试过,但是没有用。我也尝试过window.localStorage.setItem('x-auth-token', token);,但还是没用。
我尝试了一些超级简单的方法,即将令牌简单地放在localStorage中。 window.localStorage.setItem('x-auth token', token);但是,它没有用。
auth
const jwt = require('jsonwebtoken');
const config = require('config');
// middleware function, next so it moves on to the next middlware
module.exports = function(req, res, next) {
//get the token from header
const token = req.header('x-auth-token');
//Check if not token
if (!token) {
return res.status(401).json({ msg: 'No token, authorization denied' });
}
//Verify token if exist
try {
const decoded = jwt.verify(token, config.get('jwtSecret'));
req.user = decoded.user;
next();
} catch (err) {
res.status(401).json({ msg: 'Token is not valid' });
}
};
posts.js
// @ route POST api/users
// @desc Register User
// @access Public
router.post(
'/',
[
check('name', 'Name is required')
.not()
.isEmpty(),
check('email', 'Please include a valid email').isEmail(),
check(
'password',
' Please enter a password with 6 or more characters'
).isLength({ min: 6 })
],
async (req, res) => {
const errors = validationResult(req);
if (!errors.isEmpty()) {
return res.status(400).json({
errors: errors.array()
});
}
const { name, email, password } = req.body;
try {
// See if user exists, have to be unique
let user = await User.findOne({ email });
if (user) {
return res
.status(400)
.json({ errors: [{ msg: 'User already exists' }] });
}
// Get users gravatar
const avatar = gravatar.url(email, {
s: '200',
r: 'pg',
d: 'mm'
});
user = new User({
name,
email,
avatar,
password
});
//encrypt password
const salt = await bcrypt.genSalt(10);
user.password = await bcrypt.hash(password, salt);
// anything that return a promise, we have to put await !!
await user.save();
//return jsonwebtoken
const payload = {
user: {
id: user.id
}
};
jwt.sign(
payload,
config.get('jwtSecret'),
{ expiresIn: 60 * 60 * 100 },
(err, token) => {
// window.localStorage.setItem('x-auth-token', token);
res.json({ token });
res.cookie('x-auth-token', token);
// req.flash('You seccessfully registered your account');
// res.redirect('/user/login');
}
);
} catch (err) {
console.error(err.message);
res.status(500).send('Server error');
}
}
);
main.handlebars
<!DOCTYPE html>
<html lang="en">
<head>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link rel="stylesheet" href="/css/main.css">
<link rel="stylesheet" href="/css/register.css">
<link href="https://fonts.googleapis.com/css?family=Roboto&display=swap" rel="stylesheet">
<script src="https://use.fontawesome.com/804afe4c6e.js"></script>
{{!-- for auto-reload --}}
<script src="/reload/reload.js"></script>
<script src="/javascript/main.js"></script>
<title>Idea Share</title>
</head>
<body>
<nav class="navbar bg-dark">
<h1><a href="/">Idea Share</a></h1>
<ul>
<a href="/signup">
<li>Sign up</li>
</a>
<a href="/signup">
<li>Log in</li>
</a>
</ul>
</nav>
<div class="container">
{{{body}}}
</div>
</body>
</html>
register.handlebars
<div class="height-container">
<div class="vertical-align">
<div class="register-form">
<h1>Create your account</h1>
<form class="form" action="/api/users" method="post">
<div class="form-group">
<input name="name" type="text" placeholder="Name" requried>
</div>
<div class="form-group">
<input name="email" type="email" placeholder="E-mail">
</div>
<div class="form-group">
<input name="password" type="text" placeholder="Password" minlength="6">
</div>
<input onclick="loginUser()" type="submit" value="Create account" class="button green-button" />
</form>
<p>Already have an account? <a href="/signin">Sign in</a></p>
</div>
</div>
</div>
post.handlebars
<div class="height-container">
<div class="vertical-align">
<div class="idea-form">
<h1>Share your idea</h1>
<form class="form" action="/api/posts" method="post">
<div class="form-group">
<input type="text" placeholder="What is your idea?" name="title" requried>
</div>
<div class="form-group">
<input type="text" placeholder="Let us know more detail. What is the story. How did you come up with it?
Why do you think people would need it etc" name="body">
</div>
<input "type=" submit" value="Post" class="button green-button" />
</form>
</div>
</div>
</div>
答案 0 :(得分:2)
您无法将项目保存到Node.js中的本地存储。首先将您的响应发送到客户端,然后使用localStorage.setItem('x-auth-token', token);将res令牌保存到浏览器本地存储中。
在客户端将您的令牌用作:-
http.post('/', userCredentials).then(response => {
window.localStorage.setItem('x-auth-token', response.token)
}
);