change from session to token 3/3

eijs · Sep 2, 2017 · 3982c39 · 3982c39
1 parent 7ce6158
commit 3982c39
Show file tree

Hide file tree

Showing 5 changed files with 37 additions and 43 deletions.
diff --git a/bin/jwt/index.js b/bin/jwt/index.js
@@ -9,7 +9,7 @@ function jwtEnc(user, pass) {
     user: user,
     pass: pass,
     isToken: true,
-    iat: Math.floor(Date.now() / 1000) + (60 * 60)
+    iat: Math.floor(Date.now() / 1000) + (60 * 60 * 24 * 1)
   }, pubKey)
   return token
 }
@@ -18,14 +18,14 @@ function jwtEnc(user, pass) {
 // 返回Promise对象
 function jwtDec(token) {
   return new Promise((resolve, reject) => {
-    jwt.verify(token, pubKey, function(err, val){
-      // 捕获到错误则拒绝
-      if (err) {
+    jwt.verify(token, pubKey, function(err, tokenObj){
+      // 捕获到错误或token过期则拒绝
+      if (err || tokenObj.iat < (Date.now() / 1000)) {
         reject('Tooken is invaild')
       }
       // 否则返回处理成功
       else {
-        resolve(val)
+        resolve(tokenObj)
       }
     })
   })

diff --git a/bin/router/routerUser.js b/bin/router/routerUser.js
@@ -83,7 +83,7 @@ router.post('/api/user/register', (req, res, next) => {
 
         // 生成token
         const token = jwtEnc(name, pass)
-        res.cookie('token', token, { expires: new Date(Date.now() + 900000), httpOnly: true });
+        res.cookie('token', token, { expires: new Date(Date.now() + 60*60*24*1*1000), httpOnly: true });
         res.send({
           msgCode:200,
           msgCtx: 'Reg success & logined.',
@@ -137,7 +137,7 @@ router.post('/api/user/login', (req, res, next) => {
       else {
         // 生成token
         const token = jwtEnc(name, pass)
-        res.cookie('token', token, { expires: new Date(Date.now() + 900000), httpOnly: true });
+        res.cookie('token', token, { expires: new Date(Date.now() + 60*60*24*1*1000), httpOnly: true });
         res.send({
           msgCode:200,
           msgCtx: 'Login success.',

diff --git a/bin/socket/event.js b/bin/socket/event.js
@@ -12,51 +12,43 @@ const event = function (chatData, chatMethod, port) {
   io.on('connection', (socket) =>  {
     const cookieData = cookie.parse(socket.handshake.headers.cookie);
     const token = cookieData.token
-    console.log(cookieData.token)
     jwtDec(token).then(function(tokenObj) {
       const currentRoomName = chatMethod.getCurrentRoomID(socket)
       let loginedUserName = ''
       let loginedUserImg = ''
       socket.join(currentRoomName)  // 进入房间
-      try {
         loginedUserName = tokenObj.user
 
         // 通过session中的用户名在数据库中查询用户信息
         info.findOne({user: loginedUserName}, (err, val) => {
 
-          // 如果出错则打印出来
-          if (err) {
-            console.log('findInfoFromDB / err : ' + err)
-          }
-
-          // 如果查询到用户数据则保持图片Url到loginedUserImg变量里
-          else if (val !== null) {
-            loginedUserImg = val.img
-
-
-            console.log(`${loginedUserName} joined ${currentRoomName}`)
-
-            // 发送请求当前房间号事件
-            socket.emit('room id req', {name: loginedUserName, img: loginedUserImg})
-
-            // 添加用户到当前房间
-            chatMethod.addUserToTheRoom(currentRoomName, {
-              name: loginedUserName,
-              img: loginedUserImg
-            })
-
-            // 发送用于调试的状态信息
-            socket.emit('current status', chatData)
-            console.log('currentRoomName: ' + currentRoomName)
-            console.log('findInfoFromDB / loginedUserName: ' + loginedUserName)
-            console.log('findInfoFromDB / loginedUserImg: ' + loginedUserImg)
-          }
-        })
+        // 如果出错则打印出来
+        if (err) {
+          console.log('findInfoFromDB / err : ' + err)
+        }
+
+        // 如果查询到用户数据则保持图片Url到loginedUserImg变量里
+        else if (val !== null) {
+          loginedUserImg = val.img
+
+          console.log(`${loginedUserName} joined ${currentRoomName}`)
+
+          // 发送请求当前房间号事件
+          socket.emit('room id req', {name: loginedUserName, img: loginedUserImg})
 
-        // 如果捕获到错误则报错
-      } catch(err) {
-        console.log('sessionFile / err: ' + err);
-      }
+          // 添加用户到当前房间
+          chatMethod.addUserToTheRoom(currentRoomName, {
+            name: loginedUserName,
+            img: loginedUserImg
+          })
+
+          // 发送用于调试的状态信息
+          socket.emit('current status', chatData)
+          console.log('currentRoomName: ' + currentRoomName)
+          console.log('findInfoFromDB / loginedUserName: ' + loginedUserName)
+          console.log('findInfoFromDB / loginedUserImg: ' + loginedUserImg)
+        }
+      })
 
       // 初始化房间
       chatData.currentRoomName = chatMethod.getCurrentRoomID(socket)

diff --git a/public/src/js/roomAdd.js b/public/src/js/roomAdd.js
@@ -29,7 +29,8 @@
 
   // 新房间提交函数
   function submitNewRoomInfo() {
-    axios.post(ajaxUrl, {
+    const token = localStorage.getItem('token')
+    axios.post(`${ajaxUrl}?token=${token}`, {
       name: roomName.value,
       desc: roomDesc.value
     }).then((res) => {

diff --git a/public/src/js/userInfoMod.js b/public/src/js/userInfoMod.js
@@ -32,7 +32,8 @@
 
   // 提交修改后的用户信息的函数
   function submitModUserInfo() {
-    axios.put(ajaxUrl,{
+    const token = localStorage.getItem('token')
+    axios.put(`${ajaxUrl}?token=${token}`,{
       gender: currentGender[userInfoGenderWrap.value],
       img: userDisImg.src,
       city: userInfoCity.value,