38 lines
982 B
JavaScript
38 lines
982 B
JavaScript
|
const express = require('express');
|
|||
|
|
const jwt = require('jsonwebtoken');
|
|||
|
|
const { expressjwt: jwtMiddleware } = require('express-jwt'); // 导入 express-jwt 中间件
|
|||
|
|
const app = express();
|
|||
|
|
const secret = 'nicetechsg';
|
|||
|
|
|
|||
|
|
// 中间件:保护所有 /api 路由
|
|||
|
|
app.use(
|
|||
|
|
'/api',
|
|||
|
|
jwtMiddleware({ secret, algorithms: ['HS512'] })
|
|||
|
|
);
|
|||
|
|
|
|||
|
|
app.get("/test", (req, res) =>{
|
|||
|
|
res.json({message: "test"})
|
|||
|
|
})
|
|||
|
|
|
|||
|
|
// 登录接口(生成 token)
|
|||
|
|
app.post('/login', (req, res) => {
|
|||
|
|
const user = { password: 1, username: 'alice' };
|
|||
|
|
const token = jwt.sign(user, secret, { expiresIn: '1h' });
|
|||
|
|
res.json({ token });
|
|||
|
|
});
|
|||
|
|
|
|||
|
|
// 受保护接口
|
|||
|
|
app.get('/api/protected', (req, res) => {
|
|||
|
|
res.json({ message: 'You have access!', user: req.auth });
|
|||
|
|
});
|
|||
|
|
|
|||
|
|
// 错误处理
|
|||
|
|
app.use((err, req, res, next) => {
|
|||
|
|
if (err.name === 'UnauthorizedError') {
|
|||
|
|
return res.status(401).json({ message: 'Invalid token' });
|
|||
|
|
}
|
|||
|
|
next(err);
|
|||
|
|
});
|
|||
|
|
|
|||
|
|
app.listen(3000, () => console.log('Server started on port 3000'));
|