18.jwt加密

时间:2023-03-09 13:39:47
18.jwt加密

jwt 官网https://jwt.io/

jwt:json web token

jwt-simple: https://www.npmjs.com/package/jwt-simple

jsonwebtoken:https://www.npmjs.com/package/jsonwebtoken

express-jwt : https://www.npmjs.com/package/express-jwt

安装:

cnpm i -S jwt-simple

JWT的结构

JWT包含了使用.分隔的三部分: Header 头部 Payload 负载 Signature 签名

其结构看起来是这样的Header.Payload.Signature

传输方式:

1、get

2、post

3、headers

headers:{

	Authorization: `Beare ${token}`

}

获取 req.headers["authorization"]

核心:base64

1、编码 Buffer.from(str/buffer).toString("base64");

2、解码 Buffer.from(str/buffer,"base64").toString();

exp1:

jwt-simple使用

jwt.js

1、

const jwt = require ("jwt-simple");

let payload = {username:"aaa"};

const secret = "secret";

const token = jwt.encode(payload,secret);

console.log("jwt toekn",token);

var decoded = jwt.decode(token,secret);

console.log(decoded);

2、

const jwt = require ("jwt-simple");

let payload = {username:"aaa"};

const secret = "secret";

let token = jwt.encode(payload,secret);

console.log("jwt toekn","|"+token+"|");

//token = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VybddmFtZSI6ImFhYSJ9.fTx6_s9QbdddSyt5zXqtdqBqmwIdmoN9ju0f8dpOf5oPlc ";

token ="eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VybmFtZSI6ImFhYSJ9.fTx6_s9QbSyt5zXqtdqBqmwIdmoN9ju0f8dpOf5oPlc"

var decoded = jwt.decode(token,secret);

console.log(decoded);
base64:
图片转base64:
const fs = require("fs");

let data = fs.readFileSync("1.png");

let base64 = Buffer.from(data).toString("base64");

console.log(base64);
转base64:
let secret = "secret";//c2VjcmV0

let base64 = Buffer.from(secret).toString("base64");

console.log(base64);
解base64:
let base64 = "c2VjcmV0";// secret

let secret = Buffer.from(base64,"base64").toString();

console.log(secret);
自己写jwt=> myjwt.js
const crypto = require("crypto");

const jwt = {

    encodeBase64(str){

        return Buffer.from(str).toString("base64");

    },

    decodeBase64(str){

        return Buffer.from(str,"base64").toString();

    },

     //编码

    encode(payload,secret){

        let header = {"typ":"JWT","alg":"HS256"};

        let headerBase64 = this.encodeBase64(JSON.stringify(header));

        let payloadBase64 = this.encodeBase64(JSON.stringify(payload));

        let sign = this.sign([headerBase64,payloadBase64].join("."),secret);

        return [headerBase64,payloadBase64,sign].join(".");

    },

    //解码

    decode(token,secret){

        let [header,payload,sign] = token.split(".");

        return JSON.parse(this.decodeBase64(payload));

    },

    sign(str,secret){

        return crypto.createHmac("sha256",secret).update(str).digest("base64");

    }

}

let payload = {username:"aaa"};

let secret = "secret";

let token = jwt.encode(payload,secret);

console.log(token);

payload = jwt.decode(token,secret);

console.log(payload);

相关文章