将 JWT 与 nodejs 和 express 一起使用

Question

I'm trying to add JWT instead of express-session in the backend. I can't figure out how to use it with nodejs + routes.

I tried this, so i will be able to use it in every route:

const jwt = 'jsonwebtoken'
app.use(jwt())

and I got that "jwt is not a function".

than I tried this:

app.use(
  jwt.sign({}, 'secret')
);

and i got that "app.use() requires a middleware function" and instead of the {} I would like to enter the user when the frontend will pass one.

should I create jwtService file and import it to every route that use jwt? or require jsonwebtoken in each route?

Answer 1

确保你安装了这个包，你需要先导入/需要它。

const jwt =require('jsonwebtoken');

Answer 2

The way you can implement these libraries will always vary according to your project standard.

I will try to simplify a little bit here to make as much easier as I can.

Let's suppose you have a /login route.

const express = require('express')
const bodyParser = require('body-parser')
const cookieParser = require('cookie-parser')

const app = express();
app.use(bodyParser.json());
app.use(cookieParser());

app.post('/login', loginHandler); // YOUR route with JWT inside of login funciton.

app.listen(3000);

The second parameter of the app.post will be the function that has your JWT handlers in it, like:

const loginHandler = (req, res) => {
  // username and password
  const { username, password } = req.body

  // create new token
  const myJwtToken = jwt.sign({ username }, 
   jwtKey, {
    algorithm: 'HS256',
    expiresIn: XXSeconds // The expiredIn property can be human readable like '6 months', '1 week', etc.
  });

  console.log('My token is: ', myJwtToken);

  // set token and expiry date
  res.cookie('token', myJwtToken, { maxAge: XXSeconds * 1000 });
  res.end();
}

Useful links:

• jsonwebtoken with examples
• Example implementation I Node.js with JWT - DEVTO
• Example implementation II - FreeCodeCamp