Bor*_*lov 2 authentication node.js jwt passport.js
我正在尝试实施passport-jwt身份验证,但在尝试呼叫端点时,我总是获得401 Unauthorized.
这是我的设置
passport.js
var passport = require('passport');
var User = require('../models/user');
var config = require('./auth');
var JwtStrategy = require('passport-jwt').Strategy;
var ExtractJwt = require('passport-jwt').ExtractJwt;
var LocalStrategy = require('passport-local').Strategy;
var localOptions = {
usernameField: 'email'
};
var localLogin = new LocalStrategy(localOptions, function(email, password, done) {
User.findOne({
email: email
}, function(err, user) {
if (err) {
return done(err);
}
if (!user) {
return done(null, false, { error: 'Login failed. Please try again' });
}
user.comparePassword(password, function(err, isMatch) {
if (err) {
return done(err);
}
if (!isMatch) {
return done(null, false, { error: 'Login Failed. Please try again.' });
}
user.status = 'online';
user.save(function(err, user) {
if (err) {
return done(err);
}
});
return done(null, user);
});
});
});
var jwtOptions = {
jwtFromRequest: ExtractJwt.fromHeader('Authorization'),
secretOrKey: config.secret
};
var jwtLogin = new JwtStrategy(jwtOptions, function(payload, done) {
console.log(payload);
User.findById(payload._id, function(err, user) {
if (err) {
return done(err, false);
}
if (user) {
done(null, user)
} else {
done(null, false);
}
});
});
passport.use(localLogin);
passport.use(jwtLogin);
module.exports = {
initialize: () => passport.initialize(),
authenticateJWT: passport.authenticate('jwt', { session: false }),
authenticateCredentials: passport.authenticate('local', { session: false }),
};
user.js的
var express = require('express');
var router = express.Router();
var AuthController = require('../controllers/authentication');
var passportService = require('../config/passport');
var passport = require('passport');
const requireToken = passportService.authenticateJWT;
const requireCredentials = passportService.authenticateCredentials;
router.post('/signup', AuthController.register);
router.post('/signin', requireCredentials, AuthController.login);
router.get('/protected', requireToken function(req, res, next){
res.send({msg:'Success!'});
});
module.exports = router;
我已经确定我的标题包含:'JWT'+ [某些标记] ...也尝试没有'JWT'仍然没有...
我检查了其他帖子有关同一问题,但仍然无法解决它.
短期
遗产
'JWT ' + [some token]
版本0.4.0
'bearer ' + [some token]
示例
所以当您发送令牌时,现在就像这样:
遗产
res.json ({ success: true, token: 'JWT ' + token })
版本0.4.0
res.json ({ success: true, token: 'bearer ' + token })
深入
可能还有其他方法可以做到这一点
如果您查看/node_module/passport-jwt/lib/extract_jwt.js文件,您可以看到有一个函数被调用versionOneCompatibility(options)
| 归档时间: |
|
| 查看次数: |
7234 次 |
| 最近记录: |