这是我的用户对象
_id:5ef206fffe52dd1ff80f74c0
name:Rupam Sahriar
email:lampoo@gmail.com
password:$2a$08$/oubd6uDkm.OMyrcTOzhys/fDla
age:15
tokens:Array
0:
_id:5ef20c5fa8d5b226ec46f957
eyJhbGciOiJIUzXVCJ9.eyJfaWZlNTJkZDFmZjgwZjcTI5MjExODN9.TkDPHoa3Zto5BdoB4oIyaqTeov5-AyIQwYsN0BIYS6s
1:
_id:5ef20fff08bc901c80f8a522
:
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpYyMDZmZmZlNTJkZDFmZjgwZjc0YzAiLCJpYXQiOjE1OTI5MjIxMTF9.6E3w-wN9l7m9zXPrHlpy88vmRVBovySAWQVY7pxmr-0
2:
_id:5ef2100008bc901c80f8a523
:
eyJhbGciOiJIUzI1NiIsInRDFmZjgwZjc0YzAiLCJpYXQiOjE1OTI5MjIxMTJ9.mITwpoWjnEOwoBea_aljGMQr2kOnuffmGXmhifXVEBQ
createdAt:2020-06-23T13:43:27.519+00:00
updatedAt:2020-06-23T14:06:23.151+00:00
__v:7
我要注销时删除当前的单次访问令牌。 所以我写这段代码
router.post('/users/logout', auth, async (req,res)=>{
try{
req.user.tokens = req.user.tokens.filter((token) =>{
return token.token !== req.token
})
await req.user.save()
res.send()
} catch(e) {
res.status(500).send(e)
}
})
这实际上显示状态为200。但这不会从数据库中删除访问令牌。