我们在 getpost 路由器中有 authenticationToken 中间件。 authenticationToken 中间件验证令牌。
如果令牌已过期,则执行 if(err) 条件语句。这时候通过refreshtoken再次下发accessToken。
我想将此发出的 accessToken 传递给路由器。控制台日志(访问令牌);如何修复代码以执行此操作?
这是我的代码
(index.js)
router.post('/getpost', authenticateToken, async (req, res, next) => {
try {
console.log(accessToken);
} catch (error) {
console.error(error);
next(error); // status 500
}
});
(中间件.js)
exports.authenticateToken = (req, res, next) => {
jwt.verify(token, process.env.ACCESS_TOKEN_SECRET, async (err, user) => {
if (err) {
jwt.verify(
refreshToken,
process.env.REFRESH_TOKEN_SECRET,
async (err, user) => {
if (err) return res.sendStatus(403);
const accessToken = await generateAccessToken(users); // i want to pass this accessToken to router
console.log('accessToken::::', accessToken);
},
);
res.json({accessToken: accessToken});
}
req.user = user;
next();
});
};
function generateAccessToken(user) {
return jwt.sign(user, process.env.ACCESS_TOKEN_SECRET, {expiresIn: '55s'});
}
app.post("/token", (req, res) => {
const refreshToken = req.body.token;
console.log("refreshToken:", refreshToken);
if (refreshToken == null) return res.sendStatus(401);
if (!refreshTokens.includes(refreshToken)) return res.sendStatus(403);
jwt.verify(refreshToken, process.env.REFRESH_TOKEN_SECRET, (err, user) => {
if (err) return res.sendStatus(403);
const accessToken = generateAccessToken({ name: user.name });
res.json({ accessToken: accessToken });
});
});
答案 0 :(得分:2)
我认为你可以这样做
exports.authenticateToken = (req, res, next) => {
jwt.verify(token, process.env.ACCESS_TOKEN_SECRET, async (err, user) => {
if (err) {
jwt.verify(
refreshToken,
process.env.REFRESH_TOKEN_SECRET,
async (err, user) => {
if (err) return res.sendStatus(403);
const accessToken = await generateAccessToken(users); // i want to pass this accessToken to router
// Adding token to the req object
req.accessToken = accessToken
// Added this
next()
},
);
res.json({accessToken: accessToken});
} else {
req.user = user;
next();
}
});
};
function generateAccessToken(user) {
return jwt.sign(user, process.env.ACCESS_TOKEN_SECRET, {expiresIn: '55s'});
}
您使用 req 对象传递令牌,并像这样在路由中获取令牌
router.post('/getpost', authenticateToken, async (req, res, next) => {
try {
// Access the token through req object
console.log(req.accessToken);
} catch (error) {
console.error(error);
next(error); // status 500
}
});
编辑:根据相关代码编写示例