{"id":1203,"date":"2020-11-11T13:57:00","date_gmt":"2020-11-11T05:57:00","guid":{"rendered":"http:\/\/123.57.164.21\/?p=1203"},"modified":"2021-01-30T14:52:10","modified_gmt":"2021-01-30T06:52:10","slug":"%e4%bb%80%e4%b9%88%e6%98%af-jwt-json-web-token","status":"publish","type":"post","link":"https:\/\/92it.top\/?p=1203","title":{"rendered":"\u4ec0\u4e48\u662f JWT — JSON WEB TOKEN"},"content":{"rendered":"\n

\u4ec0\u4e48\u662fJWT<\/h4>\n\n\n\n

Json web token (JWT), \u662f\u4e3a\u4e86\u5728\u7f51\u7edc\u5e94\u7528\u73af\u5883\u95f4\u4f20\u9012\u58f0\u660e\u800c\u6267\u884c\u7684\u4e00\u79cd\u57fa\u4e8eJSON\u7684\u5f00\u653e\u6807\u51c6\uff08(RFC 7519<\/a>).\u8be5token\u88ab\u8bbe\u8ba1\u4e3a\u7d27\u51d1\u4e14\u5b89\u5168\u7684\uff0c\u7279\u522b\u9002\u7528\u4e8e\u5206\u5e03\u5f0f\u7ad9\u70b9\u7684\u5355\u70b9\u767b\u5f55\uff08SSO\uff09\u573a\u666f\u3002JWT\u7684\u58f0\u660e\u4e00\u822c\u88ab\u7528\u6765\u5728\u8eab\u4efd\u63d0\u4f9b\u8005\u548c\u670d\u52a1\u63d0\u4f9b\u8005\u95f4\u4f20\u9012\u88ab\u8ba4\u8bc1\u7684\u7528\u6237\u8eab\u4efd\u4fe1\u606f\uff0c\u4ee5\u4fbf\u4e8e\u4ece\u8d44\u6e90\u670d\u52a1\u5668\u83b7\u53d6\u8d44\u6e90\uff0c\u4e5f\u53ef\u4ee5\u589e\u52a0\u4e00\u4e9b\u989d\u5916\u7684\u5176\u5b83\u4e1a\u52a1\u903b\u8f91\u6240\u5fc5\u987b\u7684\u58f0\u660e\u4fe1\u606f\uff0c\u8be5token\u4e5f\u53ef\u76f4\u63a5\u88ab\u7528\u4e8e\u8ba4\u8bc1\uff0c\u4e5f\u53ef\u88ab\u52a0\u5bc6\u3002<\/p><\/blockquote>\n\n\n\n

\u8d77\u6e90<\/h4>\n\n\n\n

\u8bf4\u8d77JWT\uff0c\u6211\u4eec\u5e94\u8be5\u6765\u8c08\u4e00\u8c08\u57fa\u4e8etoken\u7684\u8ba4\u8bc1\u548c\u4f20\u7edf\u7684session\u8ba4\u8bc1\u7684\u533a\u522b\u3002<\/p>\n\n\n\n

  • \u4f20\u7edf\u7684session\u8ba4\u8bc1<\/li><\/ul>\n\n\n\n

    \u6211\u4eec\u77e5\u9053\uff0chttp\u534f\u8bae\u672c\u8eab\u662f\u4e00\u79cd\u65e0\u72b6\u6001\u7684\u534f\u8bae\uff0c\u800c\u8fd9\u5c31\u610f\u5473\u7740\u5982\u679c\u7528\u6237\u5411\u6211\u4eec\u7684\u5e94\u7528\u63d0\u4f9b\u4e86\u7528\u6237\u540d\u548c\u5bc6\u7801\u6765\u8fdb\u884c\u7528\u6237\u8ba4\u8bc1\uff0c\u90a3\u4e48\u4e0b\u4e00\u6b21\u8bf7\u6c42\u65f6\uff0c\u7528\u6237\u8fd8\u8981\u518d\u4e00\u6b21\u8fdb\u884c\u7528\u6237\u8ba4\u8bc1\u624d\u884c\uff0c\u56e0\u4e3a\u6839\u636ehttp\u534f\u8bae\uff0c\u6211\u4eec\u5e76\u4e0d\u80fd\u77e5\u9053\u662f\u54ea\u4e2a\u7528\u6237\u53d1\u51fa\u7684\u8bf7\u6c42\uff0c\u6240\u4ee5\u4e3a\u4e86\u8ba9\u6211\u4eec\u7684\u5e94\u7528\u80fd\u8bc6\u522b\u662f\u54ea\u4e2a\u7528\u6237\u53d1\u51fa\u7684\u8bf7\u6c42\uff0c\u6211\u4eec\u53ea\u80fd\u5728\u670d\u52a1\u5668\u5b58\u50a8\u4e00\u4efd\u7528\u6237\u767b\u5f55\u7684\u4fe1\u606f\uff0c\u8fd9\u4efd\u767b\u5f55\u4fe1\u606f\u4f1a\u5728\u54cd\u5e94\u65f6\u4f20\u9012\u7ed9\u6d4f\u89c8\u5668\uff0c\u544a\u8bc9\u5176\u4fdd\u5b58\u4e3acookie,\u4ee5\u4fbf\u4e0b\u6b21\u8bf7\u6c42\u65f6\u53d1\u9001\u7ed9\u6211\u4eec\u7684\u5e94\u7528\uff0c\u8fd9\u6837\u6211\u4eec\u7684\u5e94\u7528\u5c31\u80fd\u8bc6\u522b\u8bf7\u6c42\u6765\u81ea\u54ea\u4e2a\u7528\u6237\u4e86,\u8fd9\u5c31\u662f\u4f20\u7edf\u7684\u57fa\u4e8esession\u8ba4\u8bc1\u3002<\/p>\n\n\n\n

    \u4f46\u662f\u8fd9\u79cd\u57fa\u4e8esession\u7684\u8ba4\u8bc1\u4f7f\u5e94\u7528\u672c\u8eab\u5f88\u96be\u5f97\u5230\u6269\u5c55\uff0c\u968f\u7740\u4e0d\u540c\u5ba2\u6237\u7aef\u7528\u6237\u7684\u589e\u52a0\uff0c\u72ec\u7acb\u7684\u670d\u52a1\u5668\u5df2\u65e0\u6cd5\u627f\u8f7d\u66f4\u591a\u7684\u7528\u6237\uff0c\u800c\u8fd9\u65f6\u5019\u57fa\u4e8esession\u8ba4\u8bc1\u5e94\u7528\u7684\u95ee\u9898\u5c31\u4f1a\u66b4\u9732\u51fa\u6765.<\/p>\n\n\n\n

    • \u57fa\u4e8esession\u8ba4\u8bc1\u6240\u663e\u9732\u7684\u95ee\u9898<\/li><\/ul>\n\n\n\n

      Session<\/strong>: \u6bcf\u4e2a\u7528\u6237\u7ecf\u8fc7\u6211\u4eec\u7684\u5e94\u7528\u8ba4\u8bc1\u4e4b\u540e\uff0c\u6211\u4eec\u7684\u5e94\u7528\u90fd\u8981\u5728\u670d\u52a1\u7aef\u505a\u4e00\u6b21\u8bb0\u5f55\uff0c\u4ee5\u65b9\u4fbf\u7528\u6237\u4e0b\u6b21\u8bf7\u6c42\u7684\u9274\u522b\uff0c\u901a\u5e38\u800c\u8a00session\u90fd\u662f\u4fdd\u5b58\u5728\u5185\u5b58\u4e2d\uff0c\u800c\u968f\u7740\u8ba4\u8bc1\u7528\u6237\u7684\u589e\u591a\uff0c\u670d\u52a1\u7aef\u7684\u5f00\u9500\u4f1a\u660e\u663e\u589e\u5927\u3002<\/p>\n\n\n\n

      \u6269\u5c55\u6027<\/strong>: \u7528\u6237\u8ba4\u8bc1\u4e4b\u540e\uff0c\u670d\u52a1\u7aef\u505a\u8ba4\u8bc1\u8bb0\u5f55\uff0c\u5982\u679c\u8ba4\u8bc1\u7684\u8bb0\u5f55\u88ab\u4fdd\u5b58\u5728\u5185\u5b58\u4e2d\u7684\u8bdd\uff0c\u8fd9\u610f\u5473\u7740\u7528\u6237\u4e0b\u6b21\u8bf7\u6c42\u8fd8\u5fc5\u987b\u8981\u8bf7\u6c42\u5728\u8fd9\u53f0\u670d\u52a1\u5668\u4e0a,\u8fd9\u6837\u624d\u80fd\u62ff\u5230\u6388\u6743\u7684\u8d44\u6e90\uff0c\u8fd9\u6837\u5728\u5206\u5e03\u5f0f\u7684\u5e94\u7528\u4e0a\uff0c\u76f8\u5e94\u7684\u9650\u5236\u4e86\u8d1f\u8f7d\u5747\u8861\u5668\u7684\u80fd\u529b\u3002\u8fd9\u4e5f\u610f\u5473\u7740\u9650\u5236\u4e86\u5e94\u7528\u7684\u6269\u5c55\u80fd\u529b\u3002<\/p>\n\n\n\n

      CSRF<\/strong>: \u56e0\u4e3a\u662f\u57fa\u4e8ecookie\u6765\u8fdb\u884c\u7528\u6237\u8bc6\u522b\u7684, cookie\u5982\u679c\u88ab\u622a\u83b7\uff0c\u7528\u6237\u5c31\u4f1a\u5f88\u5bb9\u6613\u53d7\u5230\u8de8\u7ad9\u8bf7\u6c42\u4f2a\u9020\u7684\u653b\u51fb\u3002<\/p>\n\n\n\n

      \u57fa\u4e8etoken\u7684\u9274\u6743\u673a\u5236<\/h4>\n\n\n\n

      \u57fa\u4e8etoken\u7684\u9274\u6743\u673a\u5236\u7c7b\u4f3c\u4e8ehttp\u534f\u8bae\u4e5f\u662f\u65e0\u72b6\u6001\u7684\uff0c\u5b83\u4e0d\u9700\u8981\u5728\u670d\u52a1\u7aef\u53bb\u4fdd\u7559\u7528\u6237\u7684\u8ba4\u8bc1\u4fe1\u606f\u6216\u8005\u4f1a\u8bdd\u4fe1\u606f\u3002\u8fd9\u5c31\u610f\u5473\u7740\u57fa\u4e8etoken\u8ba4\u8bc1\u673a\u5236\u7684\u5e94\u7528\u4e0d\u9700\u8981\u53bb\u8003\u8651\u7528\u6237\u5728\u54ea\u4e00\u53f0\u670d\u52a1\u5668\u767b\u5f55\u4e86\uff0c\u8fd9\u5c31\u4e3a\u5e94\u7528\u7684\u6269\u5c55\u63d0\u4f9b\u4e86\u4fbf\u5229\u3002<\/p>\n\n\n\n

      \u6d41\u7a0b\u4e0a\u662f\u8fd9\u6837\u7684\uff1a<\/p>\n\n\n\n

      • \u7528\u6237\u4f7f\u7528\u7528\u6237\u540d\u5bc6\u7801\u6765\u8bf7\u6c42\u670d\u52a1\u5668<\/li>
      • \u670d\u52a1\u5668\u8fdb\u884c\u9a8c\u8bc1\u7528\u6237\u7684\u4fe1\u606f<\/li>
      • \u670d\u52a1\u5668\u901a\u8fc7\u9a8c\u8bc1\u53d1\u9001\u7ed9\u7528\u6237\u4e00\u4e2atoken<\/li>
      • \u5ba2\u6237\u7aef\u5b58\u50a8token\uff0c\u5e76\u5728\u6bcf\u6b21\u8bf7\u6c42\u65f6\u9644\u9001\u4e0a\u8fd9\u4e2atoken\u503c<\/li>
      • \u670d\u52a1\u7aef\u9a8c\u8bc1token\u503c\uff0c\u5e76\u8fd4\u56de\u6570\u636e<\/li><\/ul>\n\n\n\n

        \u8fd9\u4e2atoken\u5fc5\u987b\u8981\u5728\u6bcf\u6b21\u8bf7\u6c42\u65f6\u4f20\u9012\u7ed9\u670d\u52a1\u7aef\uff0c\u5b83\u5e94\u8be5\u4fdd\u5b58\u5728\u8bf7\u6c42\u5934\u91cc\uff0c \u53e6\u5916\uff0c\u670d\u52a1\u7aef\u8981\u652f\u6301CORS(\u8de8\u6765\u6e90\u8d44\u6e90\u5171\u4eab)<\/code>\u7b56\u7565\uff0c\u4e00\u822c\u6211\u4eec\u5728\u670d\u52a1\u7aef\u8fd9\u4e48\u505a\u5c31\u53ef\u4ee5\u4e86Access-Control-Allow-Origin: *<\/code>\u3002<\/p>\n\n\n\n

        \u90a3\u4e48\u6211\u4eec\u73b0\u5728\u56de\u5230JWT\u7684\u4e3b\u9898\u4e0a\u3002<\/p>\n\n\n\n

        JWT\u957f\u4ec0\u4e48\u6837\uff1f<\/h4>\n\n\n\n

        JWT\u662f\u7531\u4e09\u6bb5\u4fe1\u606f\u6784\u6210\u7684\uff0c\u5c06\u8fd9\u4e09\u6bb5\u4fe1\u606f\u6587\u672c\u7528.<\/code>\u94fe\u63a5\u4e00\u8d77\u5c31\u6784\u6210\u4e86Jwt\u5b57\u7b26\u4e32\u3002\u5c31\u50cf\u8fd9\u6837:<\/p>\n\n\n\n

        eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9.TJVA95OrM7E2cBab30RMHrHDcEfxjoYZgeFONFh7HgQ<\/pre>\n\n\n\n
        JWT\u7684\u6784\u6210<\/h4>\n\n\n\n
        \u7b2c\u4e00\u90e8\u5206\u6211\u4eec\u79f0\u5b83\u4e3a\u5934\u90e8\uff08header),\u7b2c\u4e8c\u90e8\u5206\u6211\u4eec\u79f0\u5176\u4e3a\u8f7d\u8377\uff08payload, \u7c7b\u4f3c\u4e8e\u98de\u673a\u4e0a\u627f\u8f7d\u7684\u7269\u54c1)\uff0c\u7b2c\u4e09\u90e8\u5206\u662f\u7b7e\u8bc1\uff08signature).<\/p>\n\n\n\n
        header<\/h5>\n\n\n\n
        jwt\u7684\u5934\u90e8\u627f\u8f7d\u4e24\u90e8\u5206\u4fe1\u606f\uff1a<\/p>\n\n\n\n
        • \u58f0\u660e\u7c7b\u578b\uff0c\u8fd9\u91cc\u662fjwt<\/li>
        • \u58f0\u660e\u52a0\u5bc6\u7684\u7b97\u6cd5 \u901a\u5e38\u76f4\u63a5\u4f7f\u7528 HMAC SHA256<\/li><\/ul>\n\n\n\n
          \u5b8c\u6574\u7684\u5934\u90e8\u5c31\u50cf\u4e0b\u9762\u8fd9\u6837\u7684JSON\uff1a<\/p>\n\n\n\n
          {\n  'typ': 'JWT',\n  'alg': 'HS256'\n}<\/pre>\n\n\n\n
          \u7136\u540e\u5c06\u5934\u90e8\u8fdb\u884cbase64\u52a0\u5bc6\uff08\u8be5\u52a0\u5bc6\u662f\u53ef\u4ee5\u5bf9\u79f0\u89e3\u5bc6\u7684),\u6784\u6210\u4e86\u7b2c\u4e00\u90e8\u5206.<\/p>\n\n\n\n
          eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9<\/pre>\n\n\n\n
          playload<\/h5>\n\n\n\n
          \u8f7d\u8377\u5c31\u662f\u5b58\u653e\u6709\u6548\u4fe1\u606f\u7684\u5730\u65b9\u3002\u8fd9\u4e2a\u540d\u5b57\u50cf\u662f\u7279\u6307\u98de\u673a\u4e0a\u627f\u8f7d\u7684\u8d27\u54c1\uff0c\u8fd9\u4e9b\u6709\u6548\u4fe1\u606f\u5305\u542b\u4e09\u4e2a\u90e8\u5206<\/p>\n\n\n\n
          • \u6807\u51c6\u4e2d\u6ce8\u518c\u7684\u58f0\u660e<\/li>
          • \u516c\u5171\u7684\u58f0\u660e<\/li>
          • \u79c1\u6709\u7684\u58f0\u660e<\/li><\/ul>\n\n\n\n
            \u6807\u51c6\u4e2d\u6ce8\u518c\u7684\u58f0\u660e<\/strong> (\u5efa\u8bae\u4f46\u4e0d\u5f3a\u5236\u4f7f\u7528) \uff1a<\/h5>\n\n\n\n
            • iss<\/strong>: jwt\u7b7e\u53d1\u8005<\/li>
            • sub<\/strong>: jwt\u6240\u9762\u5411\u7684\u7528\u6237<\/li>
            • aud<\/strong>: \u63a5\u6536jwt\u7684\u4e00\u65b9<\/li>
            • exp<\/strong>: jwt\u7684\u8fc7\u671f\u65f6\u95f4\uff0c\u8fd9\u4e2a\u8fc7\u671f\u65f6\u95f4\u5fc5\u987b\u8981\u5927\u4e8e\u7b7e\u53d1\u65f6\u95f4<\/li>
            • nbf<\/strong>: \u5b9a\u4e49\u5728\u4ec0\u4e48\u65f6\u95f4\u4e4b\u524d\uff0c\u8be5jwt\u90fd\u662f\u4e0d\u53ef\u7528\u7684.<\/li>
            • iat<\/strong>: jwt\u7684\u7b7e\u53d1\u65f6\u95f4<\/li>
            • jti<\/strong>: jwt\u7684\u552f\u4e00\u8eab\u4efd\u6807\u8bc6\uff0c\u4e3b\u8981\u7528\u6765\u4f5c\u4e3a\u4e00\u6b21\u6027token,\u4ece\u800c\u56de\u907f\u91cd\u653e\u653b\u51fb\u3002<\/li><\/ul>\n\n\n\n
              \u516c\u5171\u7684\u58f0\u660e<\/strong> \uff1a<\/h5>\n\n\n\n
              \u516c\u5171\u7684\u58f0\u660e\u53ef\u4ee5\u6dfb\u52a0\u4efb\u4f55\u7684\u4fe1\u606f\uff0c\u4e00\u822c\u6dfb\u52a0\u7528\u6237\u7684\u76f8\u5173\u4fe1\u606f\u6216\u5176\u4ed6\u4e1a\u52a1\u9700\u8981\u7684\u5fc5\u8981\u4fe1\u606f.\u4f46\u4e0d\u5efa\u8bae\u6dfb\u52a0\u654f\u611f\u4fe1\u606f\uff0c\u56e0\u4e3a\u8be5\u90e8\u5206\u5728\u5ba2\u6237\u7aef\u53ef\u89e3\u5bc6.<\/p>\n\n\n\n
              \u79c1\u6709\u7684\u58f0\u660e<\/strong> \uff1a<\/p>\n\n\n\n
              \u79c1\u6709\u58f0\u660e\u662f\u63d0\u4f9b\u8005\u548c\u6d88\u8d39\u8005\u6240\u5171\u540c\u5b9a\u4e49\u7684\u58f0\u660e\uff0c\u4e00\u822c\u4e0d\u5efa\u8bae\u5b58\u653e\u654f\u611f\u4fe1\u606f\uff0c\u56e0\u4e3abase64\u662f\u5bf9\u79f0\u89e3\u5bc6\u7684\uff0c\u610f\u5473\u7740\u8be5\u90e8\u5206\u4fe1\u606f\u53ef\u4ee5\u5f52\u7c7b\u4e3a\u660e\u6587\u4fe1\u606f\u3002<\/p>\n\n\n\n
              \u5b9a\u4e49\u4e00\u4e2apayload:<\/h5>\n\n\n\n
              {\n  \"sub\": \"1234567890\",\n  \"name\": \"John Doe\",\n  \"admin\": true\n}\n<\/pre>\n\n\n\n
              \u7136\u540e\u5c06\u5176\u8fdb\u884cbase64\u52a0\u5bc6\uff0c\u5f97\u5230Jwt\u7684\u7b2c\u4e8c\u90e8\u5206\u3002<\/h5>\n\n\n\n
              eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9\n<\/pre>\n\n\n\n
              signature<\/h5>\n\n\n\n
              jwt\u7684\u7b2c\u4e09\u90e8\u5206\u662f\u4e00\u4e2a\u7b7e\u8bc1\u4fe1\u606f\uff0c\u8fd9\u4e2a\u7b7e\u8bc1\u4fe1\u606f\u7531\u4e09\u90e8\u5206\u7ec4\u6210\uff1a<\/p>\n\n\n\n
              • header (base64\u540e\u7684)<\/li>
              • payload (base64\u540e\u7684)<\/li>
              • secret<\/li><\/ul>\n\n\n\n
                \u8fd9\u4e2a\u90e8\u5206\u9700\u8981base64\u52a0\u5bc6\u540e\u7684header\u548cbase64\u52a0\u5bc6\u540e\u7684payload\u4f7f\u7528.<\/code>\u8fde\u63a5\u7ec4\u6210\u7684\u5b57\u7b26\u4e32\uff0c\u7136\u540e\u901a\u8fc7header\u4e2d\u58f0\u660e\u7684\u52a0\u5bc6\u65b9\u5f0f\u8fdb\u884c\u52a0\u76d0secret<\/code>\u7ec4\u5408\u52a0\u5bc6\uff0c\u7136\u540e\u5c31\u6784\u6210\u4e86jwt\u7684\u7b2c\u4e09\u90e8\u5206\u3002<\/em><\/p>\n\n\n\n
                \/\/ javascript\nvar encodedString = base64UrlEncode(header) + '.' + base64UrlEncode(payload);\n\nvar signature = HMACSHA256(encodedString, 'secret'); \/\/ TJVA95OrM7E2cBab30RMHrHDcEfxjoYZgeFONFh7HgQ<\/pre>\n\n\n\n
                \u5c06\u8fd9\u4e09\u90e8\u5206\u7528.<\/code>\u8fde\u63a5\u6210\u4e00\u4e2a\u5b8c\u6574\u7684\u5b57\u7b26\u4e32,\u6784\u6210\u4e86\u6700\u7ec8\u7684jwt:<\/p>\n\n\n\n
                  eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9.TJVA95OrM7E2cBab30RMHrHDcEfxjoYZgeFONFh7HgQ<\/pre>\n\n\n\n
                \u6ce8\u610f\uff1asecret\u662f\u4fdd\u5b58\u5728\u670d\u52a1\u5668\u7aef\u7684\uff0cjwt\u7684\u7b7e\u53d1\u751f\u6210\u4e5f\u662f\u5728\u670d\u52a1\u5668\u7aef\u7684\uff0csecret\u5c31\u662f\u7528\u6765\u8fdb\u884cjwt\u7684\u7b7e\u53d1\u548cjwt\u7684\u9a8c\u8bc1\uff0c\u6240\u4ee5\uff0c\u5b83\u5c31\u662f\u4f60\u670d\u52a1\u7aef\u7684\u79c1\u94a5\uff0c\u5728\u4efb\u4f55\u573a\u666f\u90fd\u4e0d\u5e94\u8be5\u6d41\u9732\u51fa\u53bb\u3002\u4e00\u65e6\u5ba2\u6237\u7aef\u5f97\u77e5\u8fd9\u4e2asecret, \u90a3\u5c31\u610f\u5473\u7740\u5ba2\u6237\u7aef\u662f\u53ef\u4ee5\u81ea\u6211\u7b7e\u53d1jwt\u4e86\u3002<\/strong><\/p>\n\n\n\n
                \u5982\u4f55\u5e94\u7528<\/h4>\n\n\n\n
                \u4e00\u822c\u662f\u5728\u8bf7\u6c42\u5934\u91cc\u52a0\u5165Authorization<\/code>\uff0c\u5e76\u52a0\u4e0aBearer<\/code>\u6807\u6ce8\uff1a<\/p>\n\n\n\n
                fetch('api\/user\/1', {\n  headers: {\n    'Authorization': 'Bearer ' + token\n  }\n})<\/pre>\n\n\n\n
                \u670d\u52a1\u7aef\u4f1a\u9a8c\u8bc1token\uff0c\u5982\u679c\u9a8c\u8bc1\u901a\u8fc7\u5c31\u4f1a\u8fd4\u56de\u76f8\u5e94\u7684\u8d44\u6e90\u3002\u6574\u4e2a\u6d41\u7a0b\u5c31\u662f\u8fd9\u6837\u7684:<\/p>\n\n\n\n
                \"\"<\/figure><\/div>\n\n\n\n
                \u603b\u7ed3<\/h4>\n\n\n\n
                \u4f18\u70b9<\/h5>\n\n\n\n
                • \u56e0\u4e3ajson\u7684\u901a\u7528\u6027\uff0c\u6240\u4ee5JWT\u662f\u53ef\u4ee5\u8fdb\u884c\u8de8\u8bed\u8a00\u652f\u6301\u7684\uff0c\u50cfJAVA,JavaScript,NodeJS,PHP\u7b49\u5f88\u591a\u8bed\u8a00\u90fd\u53ef\u4ee5\u4f7f\u7528\u3002<\/li>
                • \u56e0\u4e3a\u6709\u4e86payload\u90e8\u5206\uff0c\u6240\u4ee5JWT\u53ef\u4ee5\u5728\u81ea\u8eab\u5b58\u50a8\u4e00\u4e9b\u5176\u4ed6\u4e1a\u52a1\u903b\u8f91\u6240\u5fc5\u8981\u7684\u975e\u654f\u611f\u4fe1\u606f\u3002<\/li>
                • \u4fbf\u4e8e\u4f20\u8f93\uff0cjwt\u7684\u6784\u6210\u975e\u5e38\u7b80\u5355\uff0c\u5b57\u8282\u5360\u7528\u5f88\u5c0f\uff0c\u6240\u4ee5\u5b83\u662f\u975e\u5e38\u4fbf\u4e8e\u4f20\u8f93\u7684\u3002<\/li>
                • \u5b83\u4e0d\u9700\u8981\u5728\u670d\u52a1\u7aef\u4fdd\u5b58\u4f1a\u8bdd\u4fe1\u606f, \u6240\u4ee5\u5b83\u6613\u4e8e\u5e94\u7528\u7684\u6269\u5c55<\/li><\/ul>\n\n\n\n
                  \u5b89\u5168\u76f8\u5173<\/h5>\n\n\n\n
                  • \u4e0d\u5e94\u8be5\u5728jwt\u7684payload\u90e8\u5206\u5b58\u653e\u654f\u611f\u4fe1\u606f\uff0c\u56e0\u4e3a\u8be5\u90e8\u5206\u662f\u5ba2\u6237\u7aef\u53ef\u89e3\u5bc6\u7684\u90e8\u5206\u3002<\/li>
                  • \u4fdd\u62a4\u597dsecret\u79c1\u94a5\uff0c\u8be5\u79c1\u94a5\u975e\u5e38\u91cd\u8981\u3002<\/li><\/ul>\n\n\n\n
                    • \u5982\u679c\u53ef\u4ee5\uff0c\u8bf7\u4f7f\u7528https\u534f\u8bae<\/li><\/ul>\n\n\n\n
                      \u9644\uff1aJWT nodejs Sample \u4ee3\u7801<\/h4>\n\n\n\n
                      • jwtutil \u7c7b<\/li><\/ul>\n\n\n\n
                        const fs = require('fs')\nconst path = require('path')\nconst jwt = require('jsonwebtoken')\n\nclass JWT {\n  constructor(data) {\n    this.data = data\n  }\n\n  generateToken() {\n    const data = this.data\n    try {\n      const cert = fs.readFileSync(path.join(__dirname, '..\/Cert\/rsa_private_key.pem'))\n      const token = jwt.sign({\n        data\n      }, cert, { algorithm: 'RS256', expiresIn: 30 })\n      return { status: 'ok', message: '', data: token }\n    } catch (e) {\n      if (e instanceof jwt.JsonWebTokenError) {\n        return { status: 'error', message: e.message, data: [] }\n      }\n      return { status: 'error', message: e.message, data: [] }\n    }\n  }\n\n  verifyToken(userId, appId) {\n    const token = this.data\n    try {\n      const cert = fs.readFileSync(path.join(__dirname, '..\/Cert\/rsa_public_key.pem'))\n      const result = jwt.verify(token, cert, { algorithms: ['RS256'] }) || {}\n      if (result.data.userId != userId || result.data.appId != appId) {\n        return { status: 'error', message: '', data: [] }\n      }\n    } catch (e) {\n      if (e instanceof jwt.JsonWebTokenError) {\n        \/\/ if the error thrown is because the JWT is unauthorized, return a 401 error\n        return { status: 'error', message: '', data: [] }\n      }\n      return { status: 'error', message: '', data: [] }\n    }\n    return { status: 'ok', message: '', data: [] }\n  }\n}\nmodule.exports = JWT<\/pre>\n\n\n\n
                        • authentication.js<\/li><\/ul>\n\n\n\n
                          const JwtUtils = require('.\/jwtUtil.js')\nconst e = require('express');\n\nconst loginVerify = async function (userId, password, appId) {\n  \/\/ \u7528\u6237\u540d\u5bc6\u7801\u6821\u9a8c\uff0c \u67e5\u8be2\u6570\u636e\u5e93\n  const verifyResult = verifyUserPassword(xxxx);\n  if (verifyResult.status == 'error') {\n    return verifyResult;\n  }\n\n  \/\/ \u6821\u9a8c\u901a\u8fc7\u540e\u751f\u6210token\uff0c \u901a\u8fc7userId \u548c appId\u751f\u6210token\n  let userInfo = { 'userId': userId, 'appId': appId }\n  const jwt = new JwtUtils(userInfo)\n  const tokenResult = jwt.generateToken()\n  if (tokenResult.status != 'ok') {\n    return tokenResult;\n  }\n  return {\n    status: 'ok',\n    message: '',\n    token: tokenResult.data\n  };\n}\n\n\/\/ token\u9a8c\u8bc1\u65b9\u6cd5\uff08\u9a8c\u8bc1\u53d1\u884c\u7684token\u662f\u5426\u6709\u6548\uff09\nconst tokenVerify = function (req, res, next) {\n\n  const url = req.originalUrl\n  \/\/ \u8ba4\u8bc1\u6392\u9664\u5916\u7684url\n  const urlArr = ['\/common\/login']\n  const isNext = urlArr.find(item => item === url)\n  if (isNext) {\n    return next()\n  }\n\n  const token = req.get('token') || ''\n  const userId = req.get('userId') || ''\n  const appId = req.get('appId') || ''\n\n  const jwt = new JwtUtils(token)\n  const result = jwt.verifyToken(userId, appId)\n  if (result.status != 'ok') {\n    res.json(result);\n  } else {\n    return next()\n  }\n}\n\n<\/pre>\n\n\n\n
                          • nodejs \u6839router \u7c7b<\/li><\/ul>\n\n\n\n
                            const express = require('express');\nconst auth = require('.\/Jwt\/authentication.js');\nconst router = express.Router();\n\n\/\/ \u62e6\u622a\u6240\u6709\u7684\u670d\u52a1\u5668\u7aef\u63a5\u53e3\u8c03\u7528\uff0c \u8fdb\u884ctoken\u9a8c\u8bc1\uff0c \u9a8c\u8bc1\u901a\u8fc7\u4ee5\u540e\uff0c \u901a\u8fc7Next\uff08\uff09\u8c03\u7528\u771f\u6b63\u7684\u63a5\u53e3\u65b9\u6cd5\u3002\nrouter.use(function (req, res, next) {\n    const appId = req.get('appId') || '';\n    if (appId != \"\") {\n        auth.tokenVerify(req, res, next);\n        return;\n    }\n    return next();\n})\n\n\/\/ \u7528\u6237\u540d\u5bc6\u7801\u6821\u9a8c\n\/\/ \u6821\u9a8c\u901a\u8fc7\u540e\uff0c \u751f\u6210token\uff0c \u8fd4\u56declient\u7aef\u672b\u3002\nrouter.post('\/common\/login', async function (req, res) {\n\n    const jsonParm = req.body;\n    \/\/ \u7528\u6237\u540d\u5bc6\u7801\u6821\u9a8c \u751f\u6210token\n    const loginVerifyResult = await auth.loginVerify(jsonParm.userId, jsonParm.password);\n    res.json(loginVerifyResult);\n  });\n\n\/\/ \u5176\u4ed6\u7684\u5b50router\nrouter.use('\/xxxxx', xxxxx);\nrouter.use('\/xxxxx', xxxxx);\nrouter.use('\/xxxxx', xxxxx);\n\nmodule.exports = router;\n<\/pre>\n","protected":false},"excerpt":{"rendered":"
                            \u4ec0\u4e48\u662fJWT Json web token (JWT), \u662f\u4e3a\u4e86\u5728\u7f51\u7edc\u5e94\u7528\u73af\u5883\u95f4\u4f20\u9012\u58f0\u660e\u800c\u6267\u884c\u7684\u4e00\u79cd\u57fa\u4e8eJSO […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[18],"tags":[],"_links":{"self":[{"href":"https:\/\/92it.top\/index.php?rest_route=\/wp\/v2\/posts\/1203"}],"collection":[{"href":"https:\/\/92it.top\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/92it.top\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/92it.top\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/92it.top\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1203"}],"version-history":[{"count":8,"href":"https:\/\/92it.top\/index.php?rest_route=\/wp\/v2\/posts\/1203\/revisions"}],"predecessor-version":[{"id":1226,"href":"https:\/\/92it.top\/index.php?rest_route=\/wp\/v2\/posts\/1203\/revisions\/1226"}],"wp:attachment":[{"href":"https:\/\/92it.top\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1203"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/92it.top\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1203"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/92it.top\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1203"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}