Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
(req, res) => {
// If errors return 422, client didn't provide required values
const errors = validationResult(req);
if (!errors.isEmpty()) {
return res.status(422).json({ errors: errors.array() });
}
// Otherwise use the server secret to encode the user's request as a JWT
let info = {};
info.token = jwt.encode(req.body, secret);
res.json(info);
});
function createToken(openid,nickname) {
const tokenExpiresTime = 1000 * 60 * 60 * 24 * 7 // 7天过期时间
const JWT_SECRET = 'weixin_token' // 秘钥
// 需要加密的对象
const payload = {
openid: openid,
username:nickname,
environment: 'web',
expires: Date.now() + tokenExpiresTime
}
// encode
const token = jwt.encode(payload, JWT_SECRET)
return token
}
bcrypt.compare(candidatePassword, savedPassword, function (err, isMatch) {
if (isMatch) {
token = jwt.encode(user.get('username'), 'secret');
db.emit('userLogin', {
token: token,
username: user.get('username'),
email: user.get('email')
});
}
else {
token = undefined;
console.log("Password Incorrect");
db.emit('userLogin', token);
}
});
}else{
bcrypt.compare(password, found.get('password'), function(err, result) {
if(result) {
console.log("HELLO!", result);
var token = jwt.encode({username: username}, secret);
validObj.token = token;
validObj.isValid = true;
validObj.username = username;
res.send(validObj);
} else {
validObj.passwordFailed = true;
res.send(validObj);
}
});
} else {
function createJWT(uid) {
var payload = {
sub: uid,
iat: moment().unix(),
exp: moment()
.add(14, 'days')
.unix()
};
console.log(payload);
return jwt.encode(payload, TOKEN_SECRET);
}
getToken (user) {
return {
type: 'JWT',
token: jwt.encode({ uuid: user.uuid }, secret)
}
}
bcrypt.compare(password, user.hash, (err, res) => {
if (err) return callback(err);
if (!res) return callback(new Error('Invalid password'));
const token = jwt.encode({
username: username,
expire: Date.now() + (1000 * 60 * 60) //1 hour
}, tokenSecret);
callback(null, token);
});
});
bcrypt.compare(password, user.hash, (err, res) => {
if (err) return callback(err);
if (!res) return callback(new Error('Invalid password'));
const token = jwt.encode({
username: username,
expire: Date.now() + (1000 * 60 * 60) //1 hour
}, tokenSecret);
callback(null, token);
});
});
bcrypt.compare(password, user.hash, (err, res) => {
if(err) return callback(err);
if(!res) return callback(new Error('Invalid password'));
const token = jwt.encode({
username: username,
expire: Date.now() + (1000 * 60 * 60) //1 hour
}, tokenSecret);
callback(null, token);
});
});
function createToken (user) {
var payload = {
sub: user.id,
iat: moment().unix(),
exp: moment().add(14, 'days').unix()
};
return jwt.encode(payload, config.TOKEN_SECRET);
}