[Button.name]: Button

router-view

import Vue from 'vue'import VueRouter from 'vue-router'Vue.use(VueRouter)

vue-router

```sh

# vant ui

$ yarn add vant

$ yarn add -D babel-plugin-import

```

https://github.com/Brooooooklyn/ts-import-plugin

## .babelrc

```js

{

"plugins": [

["import", {

"libraryName": "vant",

"libraryDirectory": "es",

"style": true

}]

]

}

// import { Button } from 'vant';

```

vue -h

vue -V

3.7.0

Vant UI

'use strict';

// import { log } from '../utils/log';

const log = console.log;

const Controller = require('egg').Controller;

class HomeController extends Controller {

async index() {

const { ctx } = this;

const {

// query,

// params,

// request,

// response,

// app,

// originalUrl,

// req,

// res,

// socket,

// service,

render,

} = ctx;

log(`render =\n`, render)

// render =

// render(...args) {

//   return this.renderView(...args).then(body => {

//     this.body = body; // 不需要 ctx.body = html

//   });

// }

// 不支持 render 结构???

// const html = await render('index.html');

const uid = 123;

// const html = await ctx.render('index.html', { uid });

// ctx.body = html

// await ctx.render('home.ejs', {

//   uid,

// });

await ctx.render('index.html', {

uid,

});

// await ctx.render('index.html');

// ctx.body = 'hi, egg';

}

}

module.exports = HomeController;

// ctx.body = ctx.render('index.html');

const uid = 123;

   ctx.body = ctx.render('index.html', uid);

const db_data = await ctx.service.product.index();

'use strict';

// import { log } from '../utils/log';

const log = console.log;

const Service = require('egg').Service;

class ProductService extends Service {

// DB SQL

async find(uid) {

const product = await this.ctx.db.query('select * from product where uid = ?', uid);

return product;

}

}

module.exports = ProductService;

DB

MySQL / MongoDB

Service

https://eggjs.org/zh-cn/basics/service.html

POST & JSON

https://www.cnblogs.com/xgqfrms/p/12860441.html

## CSRF 攻击：伪造用户请求向网站发起恶意请求。

> message: "invalid csrf token"

https://eggjs.org/zh-cn/core/security.html#安全威胁csrf的防范

https://eggjs.org/zh-cn/core/security.html#安全威胁-csrf-的防范

```js

// CSRF

// config/config.default.js

// module.exports = {

//   security: {

//     csrf: {

//       ignoreJSON: true, // 默认为 false，当设置为 true 时，将会放过所有 content-type 为 `application/json` 的请求

//     },

//   },

// };

config.security = {

csrf: {

enable: false,

},

};

```