稍後記得把範例的mLab URL與帳號密碼改為你自己的
const authToken = (req,res,next) => {
const token = req.cookies.t;
if (token) {
jwt.verify(req.cookies.t, jwtSecret, (err, decoded) => {
if(decoded){
next();
} else {
res.end('token not correct');
}
});
} else {
res.end('no Token');
}
}
app.put('/leavemsg',authToken,(req,res) => {
Post.findOne({ _id: req.body.id })
.then(data => {
let newComments = data.comments;
newComments.push({
title : req.body.title,
content : req.body.content,
authorAccount : req.body.authorAccount,
userAvatar: req.body.userAvatar,
date: Date.now() + 1000 * 60 * 60 * 8
})
Post.update({ _id: req.body.id },{ $set : {
comments: newComments,
lastModify : Date.now() + 1000 * 60 * 60 * 8
}})
.then(data => {
res.end(JSON.stringify(data))
})
})
})