From 458c2b403f671a386d7a8e4f65d8e83391c37788 Mon Sep 17 00:00:00 2001 From: yutent Date: Fri, 27 Oct 2023 19:19:48 +0800 Subject: [PATCH] 2.0 --- index.js | 124 ++++++++++++++++++++++++++++--------------------------- 1 file changed, 64 insertions(+), 60 deletions(-) diff --git a/index.js b/index.js index 9b57774..3cfa292 100644 --- a/index.js +++ b/index.js @@ -12,78 +12,82 @@ function hmac(str, secret) { return base64encode(buf, true) } -export const jwtPackage = { - name: 'jwt', - install() { - return { - // 签名, 返回token - sign(data, secret, ttl) { - // header: base64("{"typ":"JWT","alg":"HS256"}") - // 这里固定使用sha256, - var header = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9' +export function createJwtModule() { + return { + name: 'jwt', + install() { + return { + // 签名, 返回token + sign(data, secret, ttl) { + // header: base64("{"typ":"JWT","alg":"HS256"}") + // 这里固定使用sha256, + var header = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9' - // 加入过期时间, - var payload = { data, expires: Date.now() + ttl * 1000 } - var auth_str = '' + // 加入过期时间, + var payload = { data, expires: Date.now() + ttl * 1000 } + var auth_str = '' - payload = JSON.stringify(payload) - payload = base64encode(payload, true) - auth_str = hmac(`${header}.${payload}`, secret) + payload = JSON.stringify(payload) + payload = base64encode(payload, true) + auth_str = hmac(`${header}.${payload}`, secret) - return [header, payload, auth_str].join('.') - }, + return [header, payload, auth_str].join('.') + }, - // 校验token - verify(token = '', secret) { - var jwt = token.split('.') - var auth_str, payload + // 校验token + verify(token = '', secret) { + var jwt = token.split('.') + var auth_str, payload + + if (jwt.length !== 3) { + return false + } + auth_str = jwt.pop() + payload = JSON.parse(base64decode(jwt[1], true)) + + // 如果已经过期, 则不再校验hash + if (payload.expires < Date.now()) { + return false + } + + if (hmac(jwt.join('.'), secret) === auth_str) { + return payload.data + } - if (jwt.length !== 3) { return false } - auth_str = jwt.pop() - payload = JSON.parse(base64decode(jwt[1], true)) - - // 如果已经过期, 则不再校验hash - if (payload.expires < Date.now()) { - return false - } - - if (hmac(jwt.join('.'), secret) === auth_str) { - return payload.data - } - - return false } } } } -export function jwtConnect(req, res, next) { - var { secret, level } = this.get('jwt') - var deviceID = '' - var ssid +export function createJwt() { + return function (req, res, next) { + var { secret, level } = this.get('jwt') + var deviceID = '' + var ssid - // options请求不处理jwt - if (req.method === 'OPTIONS') { - return next() + // options请求不处理jwt + if (req.method === 'OPTIONS') { + return next() + } + + // 校验UA + if (level & 2) { + deviceID += req.header('user-agent') + } + + // 校验IP + if (level & 4) { + deviceID += req.ip() + } + + if (deviceID) { + deviceID = sha1(deviceID) + } + + req.__mix_key__ = secret + deviceID + + next() } - - // 校验UA - if (level & 2) { - deviceID += req.header('user-agent') - } - - // 校验IP - if (level & 4) { - deviceID += req.ip() - } - - if (deviceID) { - deviceID = sha1(deviceID) - } - - req.mixKey = secret + deviceID - - next() }