nodejs 使用 jwt 验证 token

配置模块

const JwtStrategy = require('passport-jwt').Strategy,
ExtractJwt = require('passport-jwt').ExtractJwt
const mongoose = require("mongoose")
const User = mongoose.model("users") 


const opts = {}
opts.jwtFromRequest = ExtractJwt.fromAuthHeaderAsBearerToken()
opts.secretOrKey ="secret"

module.exports = passport => {
  passport.use(new JwtStrategy(opts, (jwt_payload, done) => {
    User.findById(jwt_payload.id)
        .then(user => {
          if (user) {
            return done(null, user)
          }
          return done(null, false)
        })
        .catch(err => console.log(err))
  }));
}

用户接口模块

const jwt = require('jsonwebtoken')
const passport = require('passport')
const bcrypt = require('bcrypt')

 bcrypt.compare(password, user.password)
              .then(isMatch => {
                if (isMatch) {
                  //jwt创建token
                  //sign('规则','加密名字','过期时间','箭头函数')
                  const rule = {
                    id:user.id,
                    name:user.name,
                    avatar:user.avatar,
                    identity:user.identity
                  }
                  jwt.sign(rule, keys.secretOrKey, { expiresIn:3600 }, (err,token) => {
                    if (err) throw err
                    res.json({
                      success:true,
                      token:"Bearer " + token
                    })
                  })
                  // res.json({msg:"success"})
                } else {
                  return res.status(400).json("密码错误")
                }
              })

业务接口模块

const passport = require('passport')

router.get("/", passport.authenticate("jwt", {session: false}), (req, res) => {})