我是node.js和express的新手,我已经使用JWT cookie实现了登录和验证功能,在验证用户登录后如何检索他的用户名以在其他页面中使用?
这是我的auth.js文件,我有登录和验证功能:
const bcrypt = require('bcrypt');
const UserDB = require('../models/UserModel');
const jwt = require('jsonwebtoken');
exports.login = function(req,res,next){
let username = req.body.username;
let password = req.body.password;
UserDB.lookup(username,function(err,user){
if(err){
console.log("error looking up user",err);
return res.status(401).send();
}
if(!user){
console.log("user "+username+" not found");
return res.status(401).send();
}
bcrypt.compare(password,user.password,function(err,result){
if(result){
console.log("confirm")
let payload = {username:username};
let accessToken = jwt.sign(payload,process.env.ACCESS_TOKEN_SECRET,{expiresIn: 120});
res.cookie("jwt",accessToken);
next();
}
else
{
return res.status(403).send();
}
});
});
};
exports.verify = function(req,res,next){
let accessToken = req.cookies.jwt;
if(!accessToken){
return res.status(403).send();
}
let payload;
try{
payload = jwt.verify(accessToken, process.env.ACCESS_TOKEN_SECRET);
next();
}
catch(e){
console.log("Not authorized")
res.status(401).send();
}
};
我读到我可以在验证函数中添加它,但我不知道如何,我想这样使用它:
exports.admin_panel = function(req,res){
res.render('adminpanel',{
'user': //add the username
})
}
更改verify()函数:
exports.verify = function(req,res,next){
let accessToken = req.cookies.jwt;
if(!accessToken){
return res.status(403).send();
}
let payload = jwt.verify(accessToken, process.env.ACCESS_TOKEN_SECRET);
if(!payload){
console.log("Not authorized")
res.status(401).send();
}
req.user = payload.username
next();
};