一步一步学Vue
Posted
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了一步一步学Vue相关的知识,希望对你有一定的参考价值。
接上篇,这次是真的接上篇,针对上篇未完成的部分,增加鉴权功能,开始之前,我们先要介绍一个新的知识,路由元数据。
在vue-router中,定义元数据的方式:
const router = new VueRouter({ routes: [ { path: \'/foo\', component: Foo, children: [ { path: \'bar\', component: Bar, // a meta field meta: { requiresAuth: true } } ] } ] })
那么如何访问这个 meta 字段呢?
首先,我们把routes 配置中的每个路由对象叫做路由记录。路由记录可以是嵌套的,因此,当一个路由匹配成功后,他可能匹配多个路由记录
例如,根据上面的路由配置,/foo/bar 这个 URL 将会匹配父路由记录以及子路由记录。
一个路由匹配到的所有路由记录会暴露为 $route 对象(还有在导航钩子中的 route 对象)的 $route.matched 数组。因此,我们需要遍历 $route.matched 来检查路由记录中的 meta 字段。
所以在vue-router官方文档中,我们可以看到下面的代码,其实就是前端路由授权的粗糙实现方式(代码不做过多解释,里面我加入了详细的注释):
router.beforeEach((to, from, next) => { if (to.matched.some(record => record.meta.requiresAuth)) { // 如果路由配置了元数据requiresAuth为true,则需要鉴权,这是需要判断是否登录 // 如果没有登录则跳转到login页面 if (!auth.loggedIn()) { next({ path: \'/login\', //这里传递fullPath,是为了登录之后作为return back query: { redirect: to.fullPath } }) } else { //如果已经登录过,直接执行进入下一步 next() } } else { //对没有配置requiresAuth的路由进行处理,如果不加入,则路由未配置requiresAuth,无法进入,所以确保一定要调用 next() next() } })
好了,基础知识介绍完毕,现在我们把我们的路由加入meta信息,启用权限验证:
var router = new VueRouter({ routes: [{ name: \'home\', path: \'/home\', component: HomeComponent }, { name: \'customers\', path: \'/customers\', component: CustomerListComponent, meta: { auth: true } }, { name: \'detail\', path: \'/detail/:id\', component: CustomerComponent, meta: { auth: true } }, { name: \'login\', path: \'/login\', component: LoginComponent } ] });
//注册全局事件钩子 router.beforeEach(function (to, from, next) { //如果路由中配置了meta auth信息,则需要判断用户是否登录; if (to.matched.some(r => r.meta.auth)) { //登录后会把token作为登录的标示,存在localStorage中 if (!localStorage.getItem(\'token\')) { console.log("需要登录"); next({ path: \'/login\', query: { to: to.fullPath } }) } else { next(); } } else { next() } });
更新代码后,可以跟目录运行node app.js ,打开8110端口,查看,运行效果如下:
这个时候,无论从浏览器地址栏还是通过跳转方式,在点击配置了 meta:{auth:true}的路由时,如果没有登录,都会跳转到登录页面,并记录return back url。
下面我们加入登录逻辑,并修改后台接口,支持用户授权,后台我们使用jwt的一个实现https://github.com/auth0/node-jsonwebtoken ,直接使用npm 安装即可,对jwt不太了解的同学,可以搜索 json web token (jwt)(另外为了读取http body,我们这里会使用 body-parser,可以直接使用npm install --save body-parser 安装)。
首先修改我们的登录组件:
methods: { login: function () { var self = this; axios.post(\'/login\', this.user) .then(function (res) { console.log(res); if (res.data.success) { localStorage.setItem(\'token\', res.data.token); console.log(self.$router); self.$router.push({ path: self.$route.query.to }); } else { alert(res.data.errorMessage); } }) .catch(function (error) { console.log(error); }); } }
并添加全局拦截器,在任何ajax请求中加入token 头,如果熟悉angular拦截器的同学对axios实现的拦截器应该很熟悉的,这和jquery 对Ajax.setting的设置类似:
// request 拦截器 ,对所有请求,加入auth axios.interceptors.request.use( cfg => { // 判断是否存在token,如果存在,则加上token if (localStorage.getItem(\'token\')) { cfg.headers.Authorization = localStorage.getItem(\'token\'); } return cfg; }, err => { return Promise.reject(err); }); // http response 拦截器 axios.interceptors.response.use( res => { return res; }, err => { if (err.response) { switch (err.response.status) { case 401: //如果未授权访问,则跳转到登录页面 router.replace({ path: \'/login\', query: {redirect: router.currentRoute.fullPath} }) } } return Promise.reject(err.response.data) });
这样,我们再每次请求的时候,如果token存在,则就会带上token;
接着,修改我们的后端部分,加入处理登录,以及生成解析token的部分,修改我们的authMiddleware.js文件:
var jwt = require(\'jsonwebtoken\'); /** * 有效用户列表 */ var validUsers = [{ username: \'zhangsan\', password: \'123456\' }, { username: \'lisi\', password: \'123456\' }]; //FIXME:这个作为密钥,一定要安全的,这里我为了简单就直接写了一大段字符串 const secretKey = \'dhahr3uiudfu93u43i3uy43&*&$#*&437hjhfjdjhfdfjsy8&*&*JNFSJDJHH??>:LP\'; /** * 创建token * @param {用户对象} user */ var createToken = function (user) { /** * 创建token 并设置过期时间为一个小时 */ return jwt.sign({ data: user, exp: Math.floor(Date.now() / 1000) + (60 * 60) }, secretKey); } /** * 解析token * @param {用户需要验证的token} token */ var parseToken = function (token, callback) { jwt.verify(token, secretKey, function (err, result) { callback && callback(err, result); }); } module.exports = function (req, res, next) { //如果是登录请求 console.log(req.path); if (req.path === "/login") { var username = req.body.username; var password = req.body.password; //判断用户名和密码是否正确 var user = validUsers.filter(u => u.username === username && u.password === password)[0]; //如果用户用户名密码匹配成功,直接创建token并返回 if (user) { res.json({ success: true, token: createToken(user) }) } else { res.json({ success: false, errorMessage: \'username or password is not correct,please retry again\' }) } } else {//如果不是登录请求,则需要检查token 的合法性 var token = req.get(\'Authorization\'); console.log(token); if (token) { parseToken(token, function (err, result) { if (err) {//如果解析失败,则返回失败信息 res.status(401).json( { success: false, errorMessage: JSON.stringify(err) }) } else { next(); } }) }else{ res.status(401).json({ success:false, errorMessage:\'未授权的访问\' }); } } }
上述代码加上注释应该没什么复杂度的,各位同学应该可以看的明白,这样之后,我们启用我们的授权中间件,修改/app.js文件:
var express = require("express"); var bodyParser = require("body-parser"); var authMiddleware = require(\'./middleware/authMiddleware\'); var customerRouter = require(\'./router/customers\'); var app = express(); app.use(express.static(\'public\')); app.get(\'/portal\', function (req, res) { res.json({ data: [ { visits: 12, clicks: 100 }, { location: \'BeiJing\', total: 17 } ] }) }) app.use(bodyParser.json()) app.use(authMiddleware); app.use(\'/api\', customerRouter);
运行我们的代码可以看到如下效果:
博客园对图片大小有要求,不能很好的截取,就只截取了一部分,这是登录后的效果,登录前的效果,大家可以自己测试,完整代码如下:
/app.js
var express = require("express"); var bodyParser = require("body-parser"); var authMiddleware = require(\'./middleware/authMiddleware\'); var customerRouter = require(\'./router/customers\'); var app = express(); app.use(express.static(\'public\')); app.get(\'/portal\', function (req, res) { res.json({ data: [ { visits: 12, clicks: 100 }, { location: \'BeiJing\', total: 17 } ] }) }) app.use(bodyParser.json()) app.use(authMiddleware); app.use(\'/api\', customerRouter); app.listen(8110, function () { console.log("port 8110 is listenning!!!"); });
/public/app.js
var LoginComponent = { template: ` <div class="login" > username:<input type="text" v-model="user.username" /> password:<input type="password" v-model="user.password" /> <input type="button" @click="login()" value="login" /> </div> `, data: function () { return { user: { username: \'\', password: \'\' } } }, methods: { login: function () { var self = this; axios.post(\'/login\', this.user) .then(function (res) { console.log(res); if (res.data.success) { localStorage.setItem(\'token\', res.data.token); console.log(self.$router); self.$router.push({ path: self.$route.query.to }); } else { alert(res.data.errorMessage); } }) .catch(function (error) { console.log(error); }); } } } var CustomerListComponent = { template: ` <div> <div> <input type="text" v-model="keyword" /> <input type="button" @click="getCustomers()" value="search" /> </div> <ul> <router-link v-for="c in customers" tag="li" :to="{name:\'detail\',params:{id:c.id}}" :key="c.id">{{c.name}}</router-link> </ul> </div> `, data: function () { return { customers: [], keyword: \'\' } }, created: function () { this.getCustomers(); }, methods: { getCustomers: function () { axios.get(\'/api/getCustomers\', { params: { keyword: this.keyword } }) .then(res => { this.customers = res.data; console.log(res) }) .catch(err => console.log(err)); }, } } var CustomerComponent = { template: ` <div> {{customer}} </div> `, data: function () { return { customer: {} } }, created: function () { var id = this.$route.params.id; this.getCustomerById(id); }, watch: { \'$route\': function () { console.log(this.$route.params.id); } }, methods: { getCustomerById: function (id) { axios.get(\'/api/customer/\' + id) .then(res => this.customer = res.data) .catch(err => console.log(err)); } } } var HomeComponent = { template: `<div> <h1>Home 页面,portal页</h1> <h2>以下数据来自服务端</h2> {{stat}} </div>`, data: function () { return { stat: \'\'//代表相关统计信息等 } }, methods: { getStat: function () { return axios.get(\'/portal\'); } }, created: function () { this.getStat().then(res => { this.stat = JSON.stringify(res.data); }).catch(err => { console.log(err); }) } } var router = new VueRouter({ routes: [{ name: \'home\', path: \'/home\', component: HomeComponent }, { name: \'customers\', path: \'/customers\', component: CustomerListComponent, meta: { auth: true } }, { name: \'detail\', path: \'/detail/:id\', component: CustomerComponent, meta: { auth: true } }, { name: \'login\', path: \'/login\', component: LoginComponent } ] }); //注册全局事件钩子 router.beforeEach(function (to, from, next) { //如果路由中配置了meta auth信息,则需要判断用户是否登录; if (to.matched.some(r => r.meta.auth)) { //登录后会把token作为登录的标示,存在localStorage中 if (!localStorage.getItem(\'token\')) { console.log("需要登录"); next({ path: \'/login\', query: { to: to.fullPath } }) } else { next(); } } else { next() } }); // request 拦截器 ,对所有请求,加入auth axios.interceptors.request.use( cfg => { // 判断是否存在token,如果存在,则加上token if (localStorage.getItem(\'token\')) { cfg.headers.Authorization = localStorage.getItem(\'token\'); } return cfg; }, err => { return Promise.reject(err); }); // http response 拦截器 axios.interceptors.response.use( res => { return res; }, err => { if (err.response) { switch (err.response.status) { case 401: //如果未授权访问,则跳转到登录页面 router.replace({ path: \'/login\', query: {redirect: router.currentRoute.fullPath} }) } } return Promise.reject(err.response.data) }); var app = new Vue({ router: router, template: ` <div> <router-link :to="{name:\'home\'}" >Home</router-link> <router-link :to="{name:\'customers\'}" >Customers</router-link> <router-view></router-view> </div> `, el: \'#app\' });
/public/index.html
<!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <meta http-equiv="X-UA-Compatible" content="ie=edge"> <title>demo3</title> <script src="https://cdn.bootcss.com/vue/2.4.1/vue.js"></script> <script src="https://cdn.bootcss.com/vue-router/2.7.0/vue-router.js"></script> <script src="https://cdn.bootcss.com/axios/0.16.2/axios.js"></script> </head> <body> <div id="app"> </div> <script src="./app.js"></script> </body> </html>
/router/customers.js
var router = require("express").Router(); var db = require(\'./fakeData\'); router.get(\'/getCustomers\', function (req, res) { var list = db.data; list = list.filter(v => v.name.indexOf(req.query.keyword) !== -1); res.json(list); }); router.get(\'/customer/:id\',function(req,res){ var list=db.data; var obj=list.filter(v=>v.id==req.params.id)[0]; res.json(obj); }) module.exports = router;
/router/fakeData.json
{ "data": [ { "id":1, "name": "zhangsan", "age": 14, "sexy": "男", "majar": "学生" }, { "id":2, "name": "lisi", "age": 19, "sexy": "女", "majar": "学生" }, { "id":3, "name": "wangwu", "age": 42, "sexy": "男", "majar": "工人" }, { "id":4, "name": "maliu", "age": 10, "sexy": "男", "majar": "学生" }, { "id":5, "name": "wangermazi", "age": 82, "sexy": "男", "majar": "画家" }, { "id":6, "name": "liudehua", "age": 55, "sexy": "男", "majar": "天王" }, { "id":7, "name": "zhoujielun", "age": 14, "sexy": "男", "majar": "歌手" }, { "id":8, "name": "wangfei", "age": 50, "sexy": "女", "majar": "歌手" }, { "id":9, "name": "mayun", "age": 60, "sexy": "男", "majar": "老板" } ] }
/middleware/authMiddleware.js
var jwt = require(\'jsonwebtoken\'); /** * 有效用户列表 */ var validUsers = [{ username: \'zhangsan\', password: \'123456\' }, { username: \'lisi\', password: \'123456\' }]; //FIXME:这个作为密钥,一定要安全的,这里我为了简单就直接写了一大段字符串 const secretKey = \'dhahr3uiudfu93u43i3uy43&*&$#*&437hjhfjdjhfdfjsy8&*&*JNFSJDJHH??>:LP\'; /** * 创建token * @param {用户对象} user */ var createToken = function (user) { /** * 创建token 并设置过期时间为一个小时 */ return jwt.sign({ data: user, exp: Math.floor(Date.now() / 1000) + (60 * 60) }, secretKey); } /** * 解析token * @param {用户需要验证的token} token */ var parseToken = function (token, callback) { jwt.verify(token, secretKey, function (err, result) { callback && callback(err, result); }); } module.exports = function (req, res, next) { //如果是登录请求 console.log(req.path); if (req.path === "/login") { var username = req.body.username; var password = req.body.password; //判断用户名和密码是否正确 var user = validUsers.filter(u => u.username === username && u.password === password)[0]; //如果用户用户名密码匹配成功,直接创建token并返回 if (user) { res.json({ success: true, token: createToken(user) }) } else { res.json({ success: false, errorMessage: \'username or password is not correct,please retry again\' }) } } else {//如果不是登录请求,则需要检查token 的合法性 var token = req.get(\'Authorization\'); console.log(token); if (token) { parseToken(token, function (err, result) { if (err) {//如果解析失败,则返回失败信息 res.status(401).json( { success: false, errorMessage: JSON.stringify(err) }) } else { next(); } }) }else{ res.status(401).json({ success:false, errorMessage:\'未授权的访问\' }); } } }
/package.json
{ "name": "vue_demo3", "version": "1.0.0", "description": "", "main": "app.js", "scripts": { "test": "echo \\"Error: no test specified\\" && exit 1" }, "author": "", "license": "ISC", "dependencies": { "body-parser": "^1.17.2", "express": "^4.15.3", "jsonwebtoken": "^7.4.1" } }
以上是关于一步一步学Vue的主要内容,如果未能解决你的问题,请参考以下文章