[英]How do I set role in Node JS JWT Authentication?
我是 Node JS 的新手,現在我正在學習如何在我的 Rest API 中使用 JWT 身份驗證我已經在我的登錄 function 中創建了令牌生成器但是當我嘗試通過設置某個角色來驗證令牌時,如果角色等於 2 我可以得到一個數據。 現在我遇到了麻煩,因為我無法驗證我的令牌
登錄:
exports.login = function(req, res){
var post = {
email : req.body.email,
password : req.body.password
}
var query = "SELECT * FROM ?? WHERE ?? = ? AND ?? = ?";
var table = ["user", "password", md5(post.password), "email",post.email];
query = mysql.format(query,table);
connection.query(query, function(error, rows){
if(error){
console.log(error);
}else{
if (rows.length == 1){
//ini 1440 dalam second
var token = jwt.sign({rows}, config.secret);
id_user = rows[0].id;
username = rows[0].username;
email = rows[0].email;
tanggal_daftar = rows[0].tanggal_daftar;
role = rows[0].role;
var data = {
id_user : id_user,
access_token : token,
username : username,
email : email,
tanggal_daftar : tanggal_daftar,
role : role,
ip_address : ip.address()
}
res.json({
success : true,
message : "Token JWT generate",
token : token,
idUser: data.id_user,
username : username,
email : data.email,
tanggal_daftar : tanggal_daftar,
role : data.role
});
}else{
res.json({"Error": true, "Message":"Email atau password anda salah"});
}
}
});
}
令牌檢查:
const jwt = require('jsonwebtoken');
const config = require('../config/secret');
function verifikasi(role){
return function (req, rest, next){
// var role = req.body.role;
//cek authorization header
var tokenWithBearer = req.headers.authorization;
if(tokenWithBearer){
var token = tokenWithBearer.split(' ')[1];
//verifikasi
jwt.verify(token, config.secret, function(err, decoded){
if(err){
return rest.status(401).send({auth:false, message:"Token tidak terdaftar!"});
}else{
if(role == 2){
req.auth = decoded;
next();
}else{
return rest.status(401).send({auth:false, message:"gagal melakukan otorisasi!"});
}
}
});
}else{
return rest.status(401).send({auth:false, message:"Token tidak tersedia!"});
}
}
}
module.exports = verifikasi;
指數:
// alamat dengan otoritas khusus
router.get('/api/v1/rahasia', verifikasi(), auth.halamanrahasia);
您的if(role == 2)
有錯誤,您應該將其更改為(decoded.role == 2)
編輯:將if(role == 2)
更改為if(decoded.rows.role == 2)
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.