diff --git a/.env.example b/.env.example
index 0ee5859..4b6c1ec 100644
--- a/.env.example
+++ b/.env.example
@@ -7,4 +7,5 @@ DB_USERNAME=root
 DB_PASSWORD=
 JWT_SECRET=test
-JWT_ALGORITHM=HS256
\ No newline at end of file
+#JWT_ALGORITHM=HS256
+JWT_ISSUER=testing
\ No newline at end of file
diff --git a/src/config/express.ts b/src/config/express.ts
index 2bb8183..81a4748 100644
--- a/src/config/express.ts
+++ b/src/config/express.ts
@@ -1,6 +1,7 @@
 import express from 'express';
 import logger from 'morgan'
 import {expressjwt} from "express-jwt";
+import {getUser} from "./middleware";
 const app = express();
@@ -10,13 +11,15 @@ app.use(express.urlencoded({ extended: false }));
 // JWT
-app.use(
- expressjwt({
- secret: Buffer.from(process.env.JWT_SECRET, "base64"),
- algorithms: ["HS256"],
- issuer: "testing",
- })
-);
+// app.use(
+// expressjwt({
+// secret: Buffer.from(process.env.JWT_SECRET, "base64"),
+// algorithms: ["HS256"],
+// issuer: process.env.JWT_ISSUER,
+// })
+// );
+
+app.use(getUser)
 app.use((err: express.ErrorRequestHandler, req: express.Request, res: express.Response, next: express.NextFunction) => {
 if (err.name === "UnauthorizedError") {
diff --git a/src/config/middleware.ts b/src/config/middleware.ts
new file mode 100644
index 0000000..55fe927
--- /dev/null
+++ b/src/config/middleware.ts
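Review bot: Signature verification is removed in the second hunk of src/config/express.ts: the `expressjwt({...})` middleware is commented out and `app.use(getUser)` takes its place, while `getUser` in src/config/middleware.ts only base64-decodes the token's payload segment and never checks the signature, algorithm, issuer or expiry. As written, `req.auth` holds whatever claims the client sent, so anything downstream that reads it (for example `request.auth.user.id` in src/controller/User.ts) is acting on unauthenticated input. Restore the commented block as live code, keeping `issuer: process.env.JWT_ISSUER`, and mount it before `app.use(getUser)`; express-jwt should then populate `req.auth` with the verified payload itself, which may make `getUser` unnecessary. The `UnauthorizedError` branch in the error handler below also looks unreachable while that middleware is disabled; the handler's body continues outside the hunk.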
@@ -0,0 +1,30 @@
+import {NextFunction, Request, Response} from 'express'
+import {JWTRequest} from "../types/JWTRequest";
+
+const getUser = (req: JWTRequest, res: Response, next: NextFunction) => {
+ // 从 header 中获取 token
+ const token = req.headers.authorization.split(' ')[1]
+
+ // 获取 JWT 的用户部分
+ const base64Url = token.split('.')[1]
+ const base64 = base64Url.replace('-', '+').replace('_', '/')
+
+ req.auth = Object.assign({}, req.auth, JSON.parse(Buffer.from(base64, 'base64').toString()))
+
+ next()
+}
+
+// function hasRole(role: string) {
+// return (req: JWTRequest, res: Response, next: NextFunction) => {
+// if (req.user.role === role) {
+// next()
+// } else {
+// res.status(403).send('Unauthorized')
+// }
+// }
+// }
+
+export {
+ // hasRole,
+ getUser
+}
\ No newline at end of file
diff --git a/src/controller/User.ts b/src/controller/User.ts
index bf101d6..d540b63 100644
--- a/src/controller/User.ts
+++ b/src/controller/User.ts
@@ -1,10 +1,18 @@
 import {Request, Response} from "express";
 import {User} from "../entity/User";
 import manager from "../config/manager";
+import {JWTRequest} from "../types/JWTRequest";
 class UserController {
- public async index(request: Request, response: Response) {
+ public async index(request: JWTRequest, response: Response) {
+ const authorization = request.auth.user.id
+
+ console.log(authorization)
+
+ return response.json({
+ message: 'Hello World! From user'
+ })
 const user = new User()
 user.name = "Timber"
diff --git a/src/types/JWTRequest.ts b/src/types/JWTRequest.ts
new file mode 100644
index 0000000..7e786e5
--- /dev/null
+++ b/src/types/JWTRequest.ts
@@ -0,0 +1,6 @@
+import * as jwt from "jsonwebtoken";
+import * as express from "express";
+
+export type JWTRequest = express.Request & {
+ auth?: T;
+};
\ No newline at end of file
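Review bot: `getUser` in src/config/middleware.ts throws on ordinary bad input: `req.headers.authorization.split(' ')` fails with a TypeError when the header is absent, `token.split('.')` fails when the header has no second word, and `JSON.parse` throws on a payload that is not JSON, none of which is caught. The base64url conversion is also incomplete, because `replace('-', '+')` and `replace('_', '/')` with string patterns change only the first occurrence; `Buffer.from(segment, 'base64url')` decodes the URL-safe alphabet directly. The fence rejects a missing or malformed token with 401 before `req.auth` is touched. This only makes the decoding robust; the claims stay untrusted until a signature check runs ahead of this middleware.

```typescript
const getUser = (req: JWTRequest, res: Response, next: NextFunction) => {
    const [scheme, token] = (req.headers.authorization ?? '').split(' ')
    const segment = token?.split('.')[1]
    if (scheme?.toLowerCase() !== 'bearer' || !segment) {
        return res.status(401).send('Unauthorized')
    }

    let claims: unknown
    try {
        // 'base64url' handles '-' and '_' itself, so no manual replace is needed
        claims = JSON.parse(Buffer.from(segment, 'base64url').toString())
    } catch {
        return res.status(401).send('Unauthorized')
    }

    req.auth = Object.assign({}, req.auth, claims)
    // … unchanged: next() …
}
```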
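Review bot: The early `return response.json({...})` added to `index` in src/controller/User.ts makes everything after it unreachable, starting with `const user = new User()`; the method's body continues outside the hunk, so either drop the placeholder response or delete the old body. `request.auth.user.id` is also dereferenced unguarded although `auth` is optional on `JWTRequest`, so a token without a `user` claim raises a TypeError instead of producing a 401; `const userId = request.auth?.user?.id` followed by `if (userId === undefined) return response.status(401).end()` would cover it. The `console.log(authorization)` line writes a user identifier to stdout on every request and looks like leftover debugging.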