const jwt = require('jsonwebtoken');
const { promisify } = require('util');
const db = require('../config/database');
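/**
 * Express authentication middleware.
 *
 * Reads a JWT from the Authorization header, verifies it with
 * process.env.JWT_SECRET, checks that the user named by the token's `id`
 * claim still exists in the `users` table, and stores that row
 * (id, username, role) on `req.user` before calling `next()`.
 *
 * Responses sent by this middleware:
 *   401 - no token, the token fails verification, the `id` claim is not a
 *         string or number, or no matching user row exists.
 *   500 - the user lookup itself failed (database error). This is kept apart
 *         from 401 so an outage is not reported to clients as a bad token.
 *
 * @param {object} req - Express request; `req.user` is set on success.
 * @param {object} res - Express response.
 * @param {Function} next - Express continuation callback.
 * @returns {Promise<*>} Resolves once a response was sent or `next()` ran.
 */
module.exports = async (req, res, next) => {
  // Get the token. The "Bearer " prefix is stripped when present; a header
  // without the prefix is passed through unchanged (existing behaviour).
  const token = req.header('Authorization')?.replace('Bearer ', '');

  if (!token) {
    return res.status(401).json({
      code: 401,
      message: '未提供认证令牌'
    });
  }

  let decoded;
  try {
    // Verify the token's signature and standard time claims.
    // NOTE(review): no `algorithms` option is passed, so the library's
    // default set for this key applies. Once the signing algorithm used by
    // the issuer is confirmed, pin it here via `{ algorithms: [...] }`.
    decoded = await promisify(jwt.verify)(token, process.env.JWT_SECRET);
  } catch (err) {
    console.error(err);
    return res.status(401).json({
      code: 401,
      message: '无效的认证令牌'
    });
  }

  // Only a scalar id may reach the query parameters; a payload that is a
  // plain string, or whose `id` is missing or structured, is rejected as an
  // invalid token instead of being handed to the database driver.
  const userId = decoded?.id;
  if (typeof userId !== 'string' && typeof userId !== 'number') {
    return res.status(401).json({
      code: 401,
      message: '无效的认证令牌'
    });
  }

  let rows;
  try {
    // Check that the user still exists (parameterized query).
    [rows] = await db.query(
      'SELECT id, username, role FROM users WHERE id = ?',
      [userId]
    );
  } catch (err) {
    // A lookup failure says nothing about the token, so answer 500 with a
    // generic message; details stay in the server log only.
    console.error(err);
    return res.status(500).json({
      code: 500,
      message: '服务器内部错误'
    });
  }

  if (!rows || rows.length === 0) {
    return res.status(401).json({
      code: 401,
      message: '用户不存在或已被删除'
    });
  }

  // Attach the user record to the request for downstream handlers.
  // next() is called outside any try/catch so that a failure further down
  // the chain is never answered with this middleware's 401.
  req.user = rows[0];
  next();
};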