我已经成功注册了一个用户并在必要的路由上分配了授权和身份验证令牌,但注销似乎没有注销用户,而且没有明显的原因
这是用户注销的路由器页面
const express = require('express')
const User = require('../models/user')
const auth = require('../middleware/auth')
const router = new express.Router
router.post('/users/logout', auth, async (req, res)=>{
try{
req.user.tokens = req.user.tokens.filter((token)=>{
return token.token !== req.token
})
await req.user.save()
res.send()
}catch(e){
res.status(500)
}
})
router.get('/users/me', auth, async (req, res)=>{
res.send(req.user)
})
module.exports = router
这里是中间件认证页面
const jwt = require('jsonwebtoken')
const User = require('../models/user')
const auth = async (req, res, next)=>{
try{
const token = req.header('Authorization').replace('Bearer ', '')
const decoded = jwt.verify(token, 'thisismynewcourse')
const user = await User.findOne({_id: decoded._id, 'tokens.token': token})
if(!user){
throw new error()
}
req.user = user
next()
}catch(e){
res.status(401).send('Please authenticate')
}
}
module.exports = auth
注销路由在邮递员和 auth type 中正常输出 200 状态代码从父级继承 帮助查看我是否做错了什么导致注销后仍然读取用户