token:(引入jsonwebtoken模块)
对称加密,一个秘钥进行加密解密
const crypto = require('crypto');
// 产生token
let obj = {
a: 1,
b: 2,
};
let sec = 'HelloWorld'
let res = jwt.sign(obj, sec,{ algorithm: 'RS256'});//传入加密的对象,秘钥,加密方式
console.log(res);
//解析token
let sec2 = jwt.verify('eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhIjoxLCJiIjoyLCJpYXQiOjE1NDM5ODA0NTF9.ORMQa_LBbDCd7XEEHgVGN2EnccL2kTOyDidE-b4ANMY', sec);
console.log(sec2);
非对称加密,通过私钥进行加密,公钥解密
产生私钥 openssl genrsa -out private_key.pem 1024
由私钥产生公钥 openssl rsa -in private_key.pem -pubout -out public_key.pem
var selfkey = fs.readFileSync(path.join(__dirname, 'key.pem'));//读取私钥路径
var jwtset = jwt.sign({
a: 1,
b: 2,
c: 3
}, selfkey, {
algorithm: 'RS256'
});
console.log(jwtset);
var otherkey = fs.readFileSync(path.join(__dirname, 'public_key.pem'));//读取公钥路径
var jwtget = jwt.verify(jwtset, otherkey, {
algorithm: 'RS256'
});
console.log(jwtget);crypto和bcrypt
// 数据库密码加密
// 内置crypto
// MD5
const hash = crypto.createHash('md5');
hash.update('HelloWorld');
console.log(hash.digest('hex'));
// Hmac
const hmac = crypto.createHmac('sha256', '12345');
hmac.update('HelloWorld');
console.log(hmac.digest('hex'));
// 第三方bcrypt
const pass = 'qazwsx123';
const saltRounds = 10;
bcrypt.genSalt(saltRounds, (err, salt) => {
bcrypt.hash(pass, salt, (err, hash) => {
let result= bcrypt.compareSync('qazwsx123', hash);
console.log(result);
});
});