koa+jsonwebtoken,生成token解决方案
作者:互联网
1. 使用 koa-session
给请求添加上token
const session = require('koa-session');
const CONFIG = { key: 'koa:sess', /** (string) cookie key (default is koa:sess) */ /** (number || 'session') maxAge in ms (default is 1 days) */ /** 'session' will result in a cookie that expires when session/browser is closed */ /** Warning: If a session cookie is stolen, this cookie will never expire */ maxAge: 0, autoCommit: true, /** (boolean) automatically commit headers (default true) */ overwrite: true, /** (boolean) can overwrite or not (default true) */ httpOnly: true, /** (boolean) httpOnly or not (default true) */ signed: true, /** (boolean) signed or not (default true) */ rolling: false, /** (boolean) Force a session identifier cookie to be set on every response. The expiration is reset to the original maxAge, resetting the expiration countdown. (default is false) */ renew: false, /** (boolean) renew session when session is nearly expired, so we can always keep user logged in. (default is false) */ }; app.keys = ['some secret hurr']; /** * session middleware * @see https://github.com/koajs/session */ app.use(session(CONFIG, app));
2. jsonwebtoken https://github.com/auth0/node-jsonwebtoken
用jsonwebtoken对请求到的数据进行加密生成token,用token解密加密的数据
加密
const jwt = require('jsonwebtokens');
let payload = {name:'张三',admin:true}; // 加密的数据
let secret = 'always_and_forever'; // 秘钥,随便写
let token = jwt.sign(payload,secret, { expiresIn: '1h' });
console.log(token)
解密
let payload = jwt.verify(token,secret) console.log(payload)
3. 在登录操作后
ctx.session.token = token;
退出登录后
ctx.session.token = '';
标签:koa,boolean,default,token,session,cookie,jsonwebtoken,true 来源: https://www.cnblogs.com/emloxe/p/15684376.html