141 lines
464 KiB
HTML
141 lines
464 KiB
HTML
|
<!DOCTYPE html>
|
|||
|
|
<html><head><title>Token 鉴权</title><meta charSet="utf-8"/><meta name="viewport" content="width=device-width, initial-scale=1.0"/><meta property="og:title" content="Token 鉴权"/><meta property="og:description" content="Token 鉴权."/><meta property="og:image" content="https://wiki.7wate.com/static/og-image.png"/><meta property="og:width" content="1200"/><meta property="og:height" content="675"/><link rel="icon" href="../../../../static/icon.png"/><meta name="description" content="Token 鉴权."/><meta name="generator" content="Quartz"/><link rel="preconnect" href="https://fonts.googleapis.com"/><link rel="preconnect" href="https://fonts.gstatic.com"/><script async src="https://umami.7wate.com/script.js" data-website-id="c061efdc-95dd-4d21-9d04-a1ffda0a85b9"></script><script>
|
|||
|
|
var _hmt = _hmt || [];
|
|||
|
|
(function() {
|
|||
|
|
var hm = document.createElement("script");
|
|||
|
|
hm.src = "https://hm.baidu.com/hm.js?94d8ccb156eb7c65abf317e6e01cdba9";
|
|||
|
|
var s = document.getElementsByTagName("script")[0];
|
|||
|
|
s.parentNode.insertBefore(hm, s);
|
|||
|
|
})();
|
|||
|
|
</script><script async src="https://www.googletagmanager.com/gtag/js?id=G-MHMEL0F832"></script><script>
|
|||
|
|
(function() {
|
|||
|
|
window.dataLayer = window.dataLayer || [];
|
|||
|
|
function gtag() {
|
|||
|
|
window.dataLayer.push(arguments);
|
|||
|
|
}
|
|||
|
|
gtag('js', new Date());
|
|||
|
|
gtag('config', 'G-MHMEL0F832');
|
|||
|
|
})();
|
|||
|
|
</script><link href="../../../../index.css" rel="stylesheet" type="text/css" spa-preserve/><link href="https://cdn.jsdelivr.net/npm/katex@0.16.0/dist/katex.min.css" rel="stylesheet" type="text/css" spa-preserve/><link href="https://fonts.googleapis.com/css2?family=IBM Plex Mono&family=Schibsted Grotesk:wght@400;700&family=Source Sans Pro:ital,wght@0,400;0,600;1,400;1,600&display=swap" rel="stylesheet" type="text/css" spa-preserve/><script src="../../../../prescript.js" type="application/javascript" spa-preserve></script><script type="application/javascript" spa-preserve>const fetchData = fetch(`../../../../static/contentIndex.json`).then(data => data.json())</script></head><body data-slug="Technology/ComputerSecurity/用户安全/用户鉴权/Token-鉴权"><div id="quartz-root" class="page"><div id="quartz-body"><div class="left sidebar"><h1 class="page-title "><a href="../../../..">📚 X·Eden</a></h1><div class="spacer mobile-only"></div><div class="search "><div id="search-icon"><p>Search</p><div></div><svg tabIndex="0" aria-labelledby="title desc" role="img" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 19.9 19.7"><title id="title">Search</title><desc id="desc">Search</desc><g class="search-path" fill="none"><path stroke-linecap="square" d="M18.5 18.3l-5.4-5.4"></path><circle cx="8" cy="8" r="7"></circle></g></svg></div><div id="search-container"><div id="search-space"><input autocomplete="off" id="search-bar" name="search" type="text" aria-label="Search for something" placeholder="Search for something"/><div id="results-container"></div></div></div></div><div class="darkmode "><input class="toggle" id="darkmode-toggle" type="checkbox" tabIndex="-1"/><label id="toggle-label-light" for="darkmode-toggle" tabIndex="-1"><svg xmlns="http://www.w3.org/2000/svg" xmlnsXlink="http://www.w3.org/1999/xlink" version="1.1" id="dayIcon" x="0px" y="0px" viewBox="0 0 35 35" style="enable-background:new 0 0 35 35;" xmlSpace="preserve"><title>Light mode</title><path d="M6,17.5C6,16.672,5.328,16,4.5,16h-3C0.672,16,0,16.672,0,17.5 S0.672,19,1.5,19h3C5.328,19,6,18.328,6,17.5z M7.5,26c-0.414,0-0.789,0.168-1.061,0.439l-2,2C4.168,28.711,4,29.086,4,29.5 C4,30.328,4.671,31,5.5,31c0.414,0,0.789-0.168,1.06-0.44l2-2C8.832,28.289,9,27.914,9,27.5C9,26.672,8.329,26,7.5,26z M17.5,6 C18.329,6,19,5.328,19,4.5v-3C19,0.672,18.329,0,17.5,0S16,0.672,16,1.5v3C16,5.328,16.671,6,17.5,6z M27.5,9 c0.414,0,0.789-0.168,1.06-0.439l2-2C30.832,6.289,31,5.914,31,5.5C31,4.672,30.329,4,29.5,4c-0.414,0-0.789,0.168-1.061,0.44 l-2,2C26.168,6.711,26,7.086,26,7.5C26,8.328,26.671,9,27.5,9z M6.439,8.561C6.711,8.832,7.086,9,7.5,9C8.328,9,9,8.328,9,7.5 c0-0.414-0.168-0.789-0.439-1.061l-2-2C6.289,4.168,5.914,4,5.5,4C4.672,4,4,4.672,4,5.5c0,0.414,0.168,0.789,0.439,1.06 L6.439,8.561z M33.5,16h-3c-0.828,0-1.5,0.672-1.5,1.5s0.672,1.5,1.5,1.5h3c0.828,0,1.5-0.672,1.5-1.5S34.328,16,33.5,16z M28.561,26.439C28.289,26.168,27.914,26,27.5,26c-0.828,0-1.5,0.672-1.5,1.5c0,0.414,0.168,0.789,0.439,1.06l2,2 C28.711,30.832,29.086,31,29.5,31c0.828,0,1.5-0.672,1.5-1.5c0-0.414-0.168-0.789-0.439-1.061L28.561,26.439z M17.5,29 c-0.829,0-1.5,0.672-1.5,1.5v3c0,0.828,0.671,1.5,1.5,1.5s1.5-0.672,1.5-1.5v-3C19,29.672,18.329,29,17.5,29z M17.5,7 C11.71,7,7,11.71,7,17.5S11.71,28,17.5,28S28,23.29,28,17.5S23.29,7,17.5,7z M17.5,25c-4.136,0-7.5-3.364-7.5-7.5 c0-4.136,3.364-7.5,7.5-7.5c4.136,0,7.5,3.364,7.5,7.5C25,21.636,21.636,25,17.5,25z"></path></svg></label><label id="toggle-label-dark" for="darkmode-toggle" tabIndex="-1"><svg xmlns="http://www.w3.org/2000/svg" xmlnsXlink="http://www.w3.org/1999/xlink" version="1.1" id="nightIcon" x="0px" y="0px" viewBox="0 0 100 100" style="enable-background='new 0 0 100 100'" xmlSpace="preserve"><title>Dark mode</title><path d="M96.76,66.458c-0.853-0.852-2.15-1.064-3.23-0.534c-6.063,2.991-12.858,4.571-19.655,4.571 C62.022,70.495,50.88,65.88,42.5,57.5C29.043,44.043,25.658,23.536,34.076,6.47c0.532-1.08,0.318-2.379-0.534-3.23 c-0.851-0.852-2.15-1.064-3.23-0.534c-4.918,2.427-9.375,5.619-13.246,9.491c-9.447,9.447-14.6
|
|||
|
|
<p>现在我们已经得知,Session-Cookie 的一些缺点,以及 Session 的维护给服务端造成很大困扰,我们必须找地方存放它,又要考虑分布式的问题,甚至要单独为了它启用一套 Redis 集群。那有没有更好的办法?</p>
|
|||
|
|
<p>于是 Token 就应运而生了</p>
|
|||
|
|
<h3 id="token令牌">Token(令牌)<a aria-hidden="true" tabindex="-1" href="#token令牌" class="internal"> §</a></h3>
|
|||
|
|
<p>Token 是一个令牌,客户端访问服务器时,验证通过后服务端会为其签发一张令牌,之后,客户端就可以携带令牌访问服务器,服务端只需要验证令牌的有效性即可。一句话概括:<strong>访问资源接口(API)时所需要的资源凭证</strong></p>
|
|||
|
|
<h4 id="token-的组成">Token 的组成<a aria-hidden="true" tabindex="-1" href="#token-的组成" class="internal"> §</a></h4>
|
|||
|
|
<p>一般 Token 的组成由 <strong>uid</strong> (用户唯一的身份标识)+ <strong>time</strong>(当前时间的时间戳) + <strong>sign</strong> (签名,Token 的前几位以哈希算法压缩成的一定长度的十六进制字符串)</p>
|
|||
|
|
<h4 id="token-的认证流程图">Token 的认证流程图<a aria-hidden="true" tabindex="-1" href="#token-的认证流程图" class="internal"> §</a></h4>
|
|||
|
|
<p><img src="https://static.7wate.com/img/2022/08/30/40b2dbfe8f84a.png" alt="Token 的认证流程图"/></p>
|
|||
|
|
<h4 id="token-认证步骤解析">Token 认证步骤解析<a aria-hidden="true" tabindex="-1" href="#token-认证步骤解析" class="internal"> §</a></h4>
|
|||
|
|
<ol>
|
|||
|
|
<li><strong>客户端:</strong> 输入用户名和密码请求登录校验。</li>
|
|||
|
|
<li><strong>服务器:</strong> 收到请求验证用户名与密码;验证成功后,服务端会签发一个 Token,并把这个 Token 发送给客户端。</li>
|
|||
|
|
<li><strong>客户端:</strong> 收到 Token 以后需要把它存储起来,Web 端一般会放在 localStorage 或 Cookie 中,移动端原生 APP 一般存储在本地缓存中。</li>
|
|||
|
|
<li><strong>客户端:</strong> 再次向服务端请求 API 资源的时候,将 Token 通过 HTTP 请求头 Authorization 字段或者其它方式发送给服务端。</li>
|
|||
|
|
<li><strong>服务器:</strong> 收到请求,然后去验证客户端请求里面带着的 Token ,如果验证成功,就向客户端返回请求的数据,否则拒绝返还(401)。</li>
|
|||
|
|
</ol>
|
|||
|
|
<h4 id="token-的优点">Token 的优点<a aria-hidden="true" tabindex="-1" href="#token-的优点" class="internal"> §</a></h4>
|
|||
|
|
<ul>
|
|||
|
|
<li><strong>服务端无状态化、可扩展性好:</strong> Token 机制在服务端不需要存储会话(Session)信息,因为 Token 自身包含了其所标识用户的相关信息,这有利于在多个服务间共享用户状态。</li>
|
|||
|
|
<li><strong>支持 APP 移动端设备。</strong></li>
|
|||
|
|
<li><strong>安全性好:</strong> 有效避免 CSRF 攻击(因为不需要 Cookie)。</li>
|
|||
|
|
<li><strong>支持跨程序调用:</strong> 因为 Cookie 是不允许跨域访问的,而 Token 则不存在这个问题。</li>
|
|||
|
|
</ul>
|
|||
|
|
<h4 id="token-的缺点">Token 的缺点<a aria-hidden="true" tabindex="-1" href="#token-的缺点" class="internal"> §</a></h4>
|
|||
|
|
<ul>
|
|||
|
|
<li><strong>配合:</strong> 需要前后端配合处理。</li>
|
|||
|
|
<li><strong>占带宽:</strong> 正常情况下比 sid 更大,消耗更多流量,挤占更多宽带。</li>
|
|||
|
|
<li><strong>性能问题:</strong> 虽说验证 Token 时不用再去访问数据库或远程服务进行权限校验,但是需要对 Token 加解密等操作,所以会更耗性能。</li>
|
|||
|
|
<li><strong>有效期短:</strong> 为了避免 Token 被盗用,一般 Token 的有效期会设置的较短,所以就有了 Refresh Token。</li>
|
|||
|
|
</ul>
|
|||
|
|
<h3 id="refresh-token刷新-token">Refresh Token(刷新 Token)<a aria-hidden="true" tabindex="-1" href="#refresh-token刷新-token" class="internal"> §</a></h3>
|
|||
|
|
<p>业务接口用来鉴权的 Token,我们称之为 Access Token。为了安全,我们的 Access Token 有效期一般设置较短,以避免被盗用。但过短的有效期会造成 Access Token 经常过期,过期后怎么办呢?</p>
|
|||
|
|
<p>一种办法是<strong>刷新 Access Token</strong>,让用户重新登录获取新 Token,会很麻烦。另一种办法是再来一个 Token,一个专门生成 Access Token 的 Token,我们称为 <strong>Refresh Token</strong>。</p>
|
|||
|
|
<ul>
|
|||
|
|
<li><strong>Access Token:</strong> 用来访问业务接口,由于有效期足够短,盗用风险小,也可以使请求方式更宽松灵活;</li>
|
|||
|
|
<li><strong>Refresh Token:</strong> 用来获取 Access Token,有效期可以长一些,通过独立服务和严格的请求方式增加安全性;由于不常验证,也可以如前面的 Session 一样处理;</li>
|
|||
|
|
</ul>
|
|||
|
|
<h4 id="refresh-token-的认证流程图">Refresh Token 的认证流程图<a aria-hidden="true" tabindex="-1" href="#refresh-token-的认证流程图" class="internal"> §</a></h4>
|
|||
|
|
<p><img src="https://static.7wate.com/img/2022/08/30/0f634bdff18ca.png" alt="Refresh Token 的认证流程图"/></p>
|
|||
|
|
<h4 id="refresh-token-认证步骤解析">Refresh Token 认证步骤解析<a aria-hidden="true" tabindex="-1" href="#refresh-token-认证步骤解析" class="internal"> §</a></h4>
|
|||
|
|
<ol>
|
|||
|
|
<li><strong>客户端:</strong> 输入用户名和密码请求登录校验。</li>
|
|||
|
|
<li><strong>服务端:</strong> 收到请求,验证用户名与密码;验证成功后,服务端会签发一个 Access Token 和 Refresh Token 并返回给客户端;</li>
|
|||
|
|
<li><strong>客户端:</strong> 把 Access Token 和 Refresh Token 存储在本地;</li>
|
|||
|
|
<li><strong>客户端:</strong> 请求数据时,携带 Access Token 传输给服务端;</li>
|
|||
|
|
<li><strong>服务端</strong>:
|
|||
|
|
<ul>
|
|||
|
|
<li>验证 Access Token 有效:正常返回数据</li>
|
|||
|
|
<li>验证 Access Token 过期:拒绝请求</li>
|
|||
|
|
</ul>
|
|||
|
|
</li>
|
|||
|
|
<li><strong>客户端</strong> ( Access Token 已过期) <strong>:</strong> 则重新传输 Refresh Token 给服务端;</li>
|
|||
|
|
<li><strong>服务端</strong> ( Access Token 已过期) <strong>:</strong> 验证 Refresh Token ,验证成功后返回新的 Access Token 给客户端;</li>
|
|||
|
|
<li><strong>客户端:</strong> 重新携带新的 Access Token 请求接口;</li>
|
|||
|
|
</ol>
|
|||
|
|
<h3 id="token-和-session-cookie-的区别">Token 和 Session-Cookie 的区别<a aria-hidden="true" tabindex="-1" href="#token-和-session-cookie-的区别" class="internal"> §</a></h3>
|
|||
|
|
<p>Session-Cookie 和 Token 有很多类似的地方,但是 Token 更像是 Session-Cookie 的升级改良版。</p>
|
|||
|
|
<ul>
|
|||
|
|
<li><strong>存储地不同:</strong> Session 一般是存储在服务端;Token 是无状态的,一般由前端存储。</li>
|
|||
|
|
<li><strong>安全性不同:</strong> Session 和 Token 并不矛盾,作为身份认证 Token 安全性比 Session 好,因为每一个请求都有签名还能防止监听以及重放攻击。</li>
|
|||
|
|
<li><strong>支持性不同:</strong> Session-Cookie 认证需要靠浏览器的 Cookie 机制实现,如果遇到原生 NativeAPP 时这种机制就不起作用了,或是浏览器的 Cookie 存储功能被禁用,也是无法使用该认证机制实现鉴权的;而 Token 验证机制丰富了客户端类型。</li>
|
|||
|
|
</ul></article></div><div class="right sidebar"><div class="graph "><h3>Graph View</h3><div class="graph-outer"><div id="graph-container" data-cfg="{"drag":true,"zoom":true,"depth":1,"scale":1.1,"repelForce":0.5,"centerForce":0.3,"linkDistance":30,"fontSize":0.6,"opacityScale":1,"showTags":true,"removeTags":[]}"></div><svg version="1.1" id="global-graph-icon" xmlns="http://www.w3.org/2000/svg" xmlnsXlink="http://www.w3.org/1999/xlink" x="0px" y="0px" viewBox="0 0 55 55" fill="currentColor" xmlSpace="preserve"><path d="M49,0c-3.309,0-6,2.691-6,6c0,1.035,0.263,2.009,0.726,2.86l-9.829,9.829C32.542,17.634,30.846,17,29,17
|
|||
|
|
s-3.542,0.634-4.898,1.688l-7.669-7.669C16.785,10.424,17,9.74,17,9c0-2.206-1.794-4-4-4S9,6.794,9,9s1.794,4,4,4
|
|||
|
|
c0.74,0,1.424-0.215,2.019-0.567l7.669,7.669C21.634,21.458,21,23.154,21,25s0.634,3.542,1.688,4.897L10.024,42.562
|
|||
|
|
C8.958,41.595,7.549,41,6,41c-3.309,0-6,2.691-6,6s2.691,6,6,6s6-2.691,6-6c0-1.035-0.263-2.009-0.726-2.86l12.829-12.829
|
|||
|
|
c1.106,0.86,2.44,1.436,3.898,1.619v10.16c-2.833,0.478-5,2.942-5,5.91c0,3.309,2.691,6,6,6s6-2.691,6-6c0-2.967-2.167-5.431-5-5.91
|
|||
|
|
v-10.16c1.458-0.183,2.792-0.759,3.898-1.619l7.669,7.669C41.215,39.576,41,40.26,41,41c0,2.206,1.794,4,4,4s4-1.794,4-4
|
|||
|
|
s-1.794-4-4-4c-0.74,0-1.424,0.215-2.019,0.567l-7.669-7.669C36.366,28.542,37,26.846,37,25s-0.634-3.542-1.688-4.897l9.665-9.665
|
|||
|
|
C46.042,11.405,47.451,12,49,12c3.309,0,6-2.691,6-6S52.309,0,49,0z M11,9c0-1.103,0.897-2,2-2s2,0.897,2,2s-0.897,2-2,2
|
|||
|
|
S11,10.103,11,9z M6,51c-2.206,0-4-1.794-4-4s1.794-4,4-4s4,1.794,4,4S8.206,51,6,51z M33,49c0,2.206-1.794,4-4,4s-4-1.794-4-4
|
|||
|
|
s1.794-4,4-4S33,46.794,33,49z M29,31c-3.309,0-6-2.691-6-6s2.691-6,6-6s6,2.691,6,6S32.309,31,29,31z M47,41c0,1.103-0.897,2-2,2
|
|||
|
|
s-2-0.897-2-2s0.897-2,2-2S47,39.897,47,41z M49,10c-2.206,0-4-1.794-4-4s1.794-4,4-4s4,1.794,4,4S51.206,10,49,10z"></path></svg></div><div id="global-graph-outer"><div id="global-graph-container" data-cfg="{"drag":true,"zoom":true,"depth":-1,"scale":0.9,"repelForce":0.5,"centerForce":0.3,"linkDistance":30,"fontSize":0.6,"opacityScale":1,"showTags":true,"removeTags":[]}"></div></div></div><div class="toc desktop-only"><button type="button" id="toc" class><h3>Table of Contents</h3><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="fold"><polyline points="6 9 12 15 18 9"></polyline></svg></button><div id="toc-content"><ul class="overflow"><li class="depth-0"><a href="#token-鉴权" data-for="token-鉴权">Token 鉴权</a></li><li class="depth-1"><a href="#token令牌" data-for="token令牌">Token(令牌)</a></li><li class="depth-1"><a href="#refresh-token刷新-token" data-for="refresh-token刷新-token">Refresh Token(刷新 Token)</a></li><li class="depth-1"><a href="#token-和-session-cookie-的区别" data-for="token-和-session-cookie-的区别">Token 和 Session-Cookie 的区别</a></li></ul></div></div><div class="backlinks "><h3>Backlinks</h3><ul class="overflow"><li>No backlinks found</li></ul></div><div class="explorer mobile-only"><button type="button" id="explorer" data-behavior="collapse" data-collapsed="collapsed" data-savestate="true" data-tree="[{"path":"Obsidian","collapsed":true},{"path":"Obsidian/Templates","collapsed":true},{"path":"Personal","collapsed":true},{"path":"Personal/Blog","collapsed":true},{"path":"Personal/Blog/2018","collapsed":true},{"path":"Personal/Blog/2020","collapsed":true},{"path":"Personal/Blog/2021","collapsed":true},{"path":"Personal/Blog/2022","collapsed":true},{"path":"Personal/Blog/2023","collapsed":true},{"path":"Personal/Blog/2024","collapsed":true},{"path":"Personal/Book","collapsed":true},{"path":"Personal/Book/个人成长","collapsed":true},{"path":"Personal/Book/医学健康","collapsed":true},{"path":"Personal/Book/历史","collapsed":true},{"path":"Personal/Book/哲学宗教","collapsed":true},{"path":"Personal/Book/心理","collapsed":true},{"path":"Personal/Book/政治军事","collapsed":true},{"path":"Personal/Book/教育学习","collapsed":true},{"path":"Personal/Book/文学","collapsed":true},{"path":"Personal/Book/生活百科","collapsed":true},{"path":"Personal/Book/社会文化","collapsed":true},{"path":"Personal/Book/科学技术","collapsed":true},{"path":"Personal/Book/经济理财","collapsed":true},{"path":"Personal/Book/艺术","collapsed":true},{"path":"Personal/Book/计算机","collapsed":true},{"path":"Personal/Journal","collapsed":true},{"path":"Personal/Journal/2022","collapsed":true},{"path":"Personal/Journal/2022/W34","collapsed":true},{"path":"Personal/Journal/2022/W35","collapsed":true},{"path":"Personal/Journal/2022/W36","collapsed":true},{"path":"Personal/Journal/2022/W37","collapsed&qu
|
|||
|
|
function toggleCallout() {
|
|||
|
|
const outerBlock = this.parentElement;
|
|||
|
|
outerBlock.classList.toggle(`is-collapsed`);
|
|||
|
|
const collapsed = outerBlock.classList.contains(`is-collapsed`);
|
|||
|
|
const height = collapsed ? this.scrollHeight : outerBlock.scrollHeight;
|
|||
|
|
outerBlock.style.maxHeight = height + `px`;
|
|||
|
|
let current = outerBlock;
|
|||
|
|
let parent = outerBlock.parentElement;
|
|||
|
|
while (parent) {
|
|||
|
|
if (!parent.classList.contains(`callout`)) {
|
|||
|
|
return;
|
|||
|
|
}
|
|||
|
|
const collapsed2 = parent.classList.contains(`is-collapsed`);
|
|||
|
|
const height2 = collapsed2 ? parent.scrollHeight : parent.scrollHeight + current.scrollHeight;
|
|||
|
|
parent.style.maxHeight = height2 + `px`;
|
|||
|
|
current = parent;
|
|||
|
|
parent = parent.parentElement;
|
|||
|
|
}
|
|||
|
|
}
|
|||
|
|
function setupCallout() {
|
|||
|
|
const collapsible = document.getElementsByClassName(
|
|||
|
|
`callout is-collapsible`
|
|||
|
|
);
|
|||
|
|
for (const div of collapsible) {
|
|||
|
|
const title = div.firstElementChild;
|
|||
|
|
if (title) {
|
|||
|
|
title.removeEventListener(`click`, toggleCallout);
|
|||
|
|
title.addEventListener(`click`, toggleCallout);
|
|||
|
|
const collapsed = div.classList.contains(`is-collapsed`);
|
|||
|
|
const height = collapsed ? title.scrollHeight : div.scrollHeight;
|
|||
|
|
div.style.maxHeight = height + `px`;
|
|||
|
|
}
|
|||
|
|
}
|
|||
|
|
}
|
|||
|
|
document.addEventListener(`nav`, setupCallout);
|
|||
|
|
window.addEventListener(`resize`, setupCallout);
|
|||
|
|
</script><script type="module">
|
|||
|
|
import mermaid from 'https://cdn.jsdelivr.net/npm/mermaid/dist/mermaid.esm.min.mjs';
|
|||
|
|
const darkMode = document.documentElement.getAttribute('saved-theme') === 'dark'
|
|||
|
|
mermaid.initialize({
|
|||
|
|
startOnLoad: false,
|
|||
|
|
securityLevel: 'loose',
|
|||
|
|
theme: darkMode ? 'dark' : 'default'
|
|||
|
|
});
|
|||
|
|
document.addEventListener('nav', async () => {
|
|||
|
|
await mermaid.run({
|
|||
|
|
querySelector: '.mermaid'
|
|||
|
|
})
|
|||
|
|
});
|
|||
|
|
</script><script src="https://cdn.jsdelivr.net/npm/katex@0.16.7/dist/contrib/copy-tex.min.js" type="application/javascript"></script><script src="../../../../postscript.js" type="module"></script></html>
|