问题描述
我正在开发一个 nodeJS 应用程序.到目前为止,我已经了解到您可以使用 JWT 保护路由,并且我已经实现了这一点.问题是,我不确定如何保护允许用户发帖的路线.
I am working on a nodeJS application. So far i've learned you can protect routes with JWT and i've implemented this. The problem is, I am not sure how to protect a route where the user is allowed to post to.
以注册路由为例,该路由将用于用户注册.我希望用户能够发布此内容,但只能从我的应用程序中发布.我不希望任何人都能够通过邮递员连接到它并发布任何内容.你如何保护这些路由.
Let's take a register route for example, this route will be used for user registration. I want users to be able to post to this, BUT only from my application. I dont want anyone to just be able to connect to it via postman and post whatever. How do you protect these kind of routes.
提前致谢.
推荐答案
您可以使用 CORS 中间件来仅允许特定客户端访问您的服务器 https://expressjs.com/en/resources/middleware/cors.html
You can use CORS middleware to allow only specific clients to access your server https://expressjs.com/en/resources/middleware/cors.html
示例:
var express = require('express')
var cors = require('cors')
var app = express()
var corsOptions = {
origin: 'http://example.com',
}
app.get('/products/:id', cors(corsOptions), function (req, res, next) {
res.json({msg: 'This is CORS-enabled for only example.com.'})
})
app.listen(80, function () {
console.log('CORS-enabled web server listening on port 80')
})
这篇关于保护发布路由 NodeJS的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!