// 套件
const bcrypt = require('bcryptjs')
const jwt = require('jsonwebtoken')
// 資料庫
const db = require('./models')
const User = db.User
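const userController = {
  /**
   * Sign-in handler.
   *
   * Reads `email` and `password` from the request body, looks the user up by
   * email, checks the password against the stored bcrypt hash and answers
   * with a JWT whose payload is `{ id }`.
   *
   * Responses:
   *  - 200 `{ status: 'error' }`   a field is missing
   *  - 401 `{ status: 'error' }`   unknown email or wrong password
   *  - 200 `{ status: 'success', token, user }` on success
   *  - 500 `{ status: 'error' }`   the lookup, comparison or signing threw
   *
   * @param {object} req  express request; `req.body.email`, `req.body.password`
   * @param {object} res  express response
   */
  signIn: (req, res) => {
    const { email, password } = req.body
    if (!email || !password) {
      return res.json({
        status: 'error',
        message: '需要填入資料'
      })
    }
    // The lookup key is the submitted email (`username` was never in scope here).
    User.findOne({ where: { email } })
      .then(user => {
        if (!user) {
          // NOTE(review): this message differs from the wrong-password one below,
          // so a caller can tell whether an email is registered. One generic
          // message for both cases would avoid account enumeration.
          return res.status(401).json({
            status: 'error',
            message: '沒有使用者'
          })
        }
        // compareSync blocks the event loop for the duration of the hash;
        // the async `bcrypt.compare` is preferable under load. Kept sync here.
        if (!bcrypt.compareSync(password, user.password)) {
          return res.status(401).json({
            status: 'error',
            message: '密碼錯誤'
          })
        }
        // The signing key comes from the environment, never a literal in source.
        // `jwt.sign` throws when JWT_SECRET is unset; that lands in `.catch` below.
        // NOTE(review): no `expiresIn` is given, so issued tokens never expire.
        const payload = { id: user.id }
        const token = jwt.sign(payload, process.env.JWT_SECRET)
        return res.json({
          status: 'success',
          message: 'ok',
          token: token,
          user: {
            id: user.id,
            name: user.name,
            email: user.email,
            isAdmin: user.isAdmin
          }
        })
      })
      // Without a rejection handler a failed query leaves the request hanging
      // and the error unlogged.
      .catch(err => {
        console.error(err)
        return res.status(500).json({
          status: 'error',
          message: 'internal error'
        })
      })
  }
}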
// Exposes the controller so routes can mount `userController.signIn`.
module.exports = userController
JWT_SECRET=company
// Read the signing key from the environment instead of a literal in source;
// `payload` and `jwt` are the values defined in the sign-in handler above.
const token = jwt.sign(payload, process.env.JWT_SECRET)
// 套件
const jwt = require('jsonwebtoken')
const passportJWT = require('passport-jwt')
const ExtractJwt = passportJWT.ExtractJwt
const JwtStrategy = passportJWT.Strategy
/**
 * passport-jwt strategy options.
 *  - jwtFromRequest: take the token from the `Authorization: Bearer <token>` header.
 *  - secretOrKey: the key the token was signed with, read from the environment
 *    so it is never committed with the source.
 */
const jwtOptions = {
  jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
  secretOrKey: process.env.JWT_SECRET
}
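/**
 * JWT strategy: once passport has verified the signature, the payload's `id`
 * is resolved to a user row. `next(null, false)` rejects the request,
 * `next(null, user)` attaches the row as `req.user`, `next(err)` reports a
 * lookup failure.
 *
 * NOTE(review): `User` and `passport` are not required in this snippet;
 * presumably `User` is `require('./models').User` as in the controller — confirm.
 */
const strategy = new JwtStrategy(jwtOptions, (jwt_payload, next) => {
  User.findByPk(jwt_payload.id)
    .then(user => {
      if (!user) {
        return next(null, false)
      }
      return next(null, user)
    })
    // A database error must surface to passport as an error rather than
    // leaving the request hanging.
    .catch(err => next(err))
})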
// Register the strategy under passport's default 'jwt' name.
passport.use(strategy)
// Middleware requiring a valid bearer token. `session: false` means no login
// session is kept, so the token must accompany every request.
const authenticated = passport.authenticate('jwt', { session: false })
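/**
 * Admin-only gate, intended to run after `authenticated`.
 *
 * Calls `next()` when `req.user.isAdmin` is truthy; otherwise answers 403
 * with `{ status: 'error', message: 'permission denied' }`. A missing
 * `req.user` (unauthenticated request or wrong middleware order) is denied
 * the same way.
 *
 * @param {object} req   express request, `req.user` set by passport
 * @param {object} res   express response
 * @param {Function} next
 */
const authenticatedAdmin = (req, res, next) => {
  if (req.user && req.user.isAdmin) return next()
  // Both denial branches of the original sent the same body; collapsed here.
  // 403 marks "authenticated but not allowed"; the original replied with 200.
  return res.status(403).json({
    status: 'error',
    message: 'permission denied'
  })
}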