仅在中间件完成任务后才调用功能

时间:2019-08-17 02:45:20

标签: node.js express

大家好,我一直在使用NodeJS进行某些项目,并且一直在使用一些中间件来验证我的令牌并解密我的令牌以获得用户权限。

router.post('/addrole', verifyTokenUser, (req, res) => {
    try {
        const userUtilsObj = new userUtils();
        if (userUtilsObj.checkPermissions(req.body.permission_set, 'Admin Web User', 'Create')) {

        } else {

        }
    } catch (e) {
        console.log(e);
    }
});

我的中间件功能: 

function verifyToken(req, res, next) {
        var token = req.headers['x-access-token'];
        if (!token)
            return res.status(403).send({ status: false, message: 'You are not authorized to access the data, please login again' });
        else {
            if (jwt.verify(token, 'niruthi')) {
                var decoded = jwtDecode(token);
                pool.query("select uid from users where uid='" + decoded.id + "' and is_active='1'", function (error, rows) {
                    if (error) {
                        return res.send({ status: false, login: false, message: error });
                    }
                    else if (rows.length > 0) {
                        req.body.userId = decoded.userId;
                        req.body.userType = decoded.userType;
                        req.body.permission_set = decoded.permission_set;
                    }
                    else {
                        return res.send({ status: false, login: false, message: "User Account is InActive" });
                    }
                });
            } else {
                return res.status(401).send({ status: false, login: false, message: 'Login expired, please login again' })
            }
        }
        next();
}

您可以在我的中间件函数中检查我是否正在使用req.body.permission_set返回一些Permission_set,并为它返回checkPermissions,但是它调用了checkPermissions而不进行解密。那么如何让它等待verifyTokenUser中间件。

1 个答案:

答案 0 :(得分:1)

完成工作后,您无需编写next()的代码,请尝试以下操作:

function verifyToken(req, res, next) {
        var token = req.headers['x-access-token'];
        if (!token)
            return res.status(403).send({ status: false, message: 'You are not authorized to access the data, please login again' });
        else {
            if (jwt.verify(token, 'niruthi')) {
                var decoded = jwtDecode(token);
                pool.query("select uid from users where uid='" + decoded.id + "' and is_active='1'", function (error, rows) {
                    if (error) {
                        return res.send({ status: false, login: false, message: error });
                    }
                    else if (rows.length > 0) {
                        req.body.userId = decoded.userId;
                        req.body.userType = decoded.userType;
                        req.body.permission_set = decoded.permission_set;


                        next();  //<---- HERE
                    }
                    else {
                        return res.send({ status: false, login: false, message: "User Account is InActive" });
                    }
                });
            } else {
                return res.status(401).send({ status: false, login: false, message: 'Login expired, please login again' })
            }
        }
}
相关问题
最新问题