问题描述

我正在开发一个 nodeJS 应用程序.到目前为止，我已经了解到您可以使用 JWT 保护路由，并且我已经实现了这一点.问题是，我不确定如何保护允许用户发帖的路线.

I am working on a nodeJS application. So far i've learned you can protect routes with JWT and i've implemented this. The problem is, I am not sure how to protect a route where the user is allowed to post to.

以注册路由为例，该路由将用于用户注册.我希望用户能够发布此内容，但只能从我的应用程序中发布.我不希望任何人都能够通过邮递员连接到它并发布任何内容.你如何保护这些路由.

Let's take a register route for example, this route will be used for user registration. I want users to be able to post to this, BUT only from my application. I dont want anyone to just be able to connect to it via postman and post whatever. How do you protect these kind of routes.

提前致谢.

推荐答案

您可以使用 CORS 中间件来仅允许特定客户端访问您的服务器 https://expressjs.com/en/resources/middleware/cors.html

You can use CORS middleware to allow only specific clients to access your server https://expressjs.com/en/resources/middleware/cors.html

示例:

var express = require('express')
var cors = require('cors')
var app = express()

var corsOptions = {
  origin: 'http://example.com',
}

app.get('/products/:id', cors(corsOptions), function (req, res, next) {
  res.json({msg: 'This is CORS-enabled for only example.com.'})
})

app.listen(80, function () {
  console.log('CORS-enabled web server listening on port 80')
})

这篇关于保护发布路由 NodeJS的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！