koa+jwt

app.js 里面

 const koaJwt = require('koa-jwt') // jwt
const {
    SEARET // 加密字符串
} = require('../conf/secretKeys')
//jwt 中间件
app.use(koaJwt({
    secret: SEARET // 加密字符串
}).unless({
    path: [/^\/users\/login/] // 哪一个接口忽略jwt验证
}))

users 里面

const jwt = require('jsonwebtoken') // jwt生成token
const util = require('util')
const verify = util.promisify(jwt.verify)
const {
    SEARET // 加密字符串 
} = require('../conf/secretKeys')
// 模拟登录 // 加密token
router.post('/login', async (ctx, next) => {
    const { userName, password } = ctx.request.body
    let userInfo = null
    if (userName == 'zhangsan' && password == '123') {
        userInfo = {
            userName: 'zhangsan',
            userId: 1,
            nickName: '张三',
            gender: 1 // 男
        }
    }

    if (userInfo == null) {
        ctx.body = {
            code: -1,
            msg: '失败'
        }
        return
    }
    // 加密token
    let token = null
    token = jwt.sign(userInfo, SEARET, { expiresIn: '24h' })
    ctx.body = {
        code: 1,
        data: token
    }
})


// 获取用户信息 验证jwt
router.get('/getUserInfo', async (ctx, next) => {
    const token = ctx.header.authorization
    try {
        const payload = await verify(token.split(' ')[1], SEARET)
        ctx.body = {
            code: 0,
            userInfo: payload
        }
    } catch (error) {
        ctx.body = {
            code: 404,
            msg: 'token 过期'
        }
    }
})

注意 Bearer 前缀和 const token = ctx.header.authorization authorization小写