Loi*_*ain 2 jwt typescript passport.js nestjs passport-jwt
我尝试使用 JWT 在 NestJS API 中对用户进行身份验证,但总是收到相同的错误:未经授权 401。
在我告诉你我的调查结果是空的之前,让我向你展示我的代码:
auth.module.ts
import { Module } from '@nestjs/common';
import { ConfigModule, ConfigService } from '@nestjs/config';
import { JwtModule } from '@nestjs/jwt';
import { UserModule } from 'src/user/user.module';
import { AuthService } from './auth.service';
import { LocalAuthController } from './local/local-auth.controller';
import { JwtStrategy } from './jwt/jwt.strategy';
@Module({
imports: [
ConfigModule,
JwtModule.register({
secretOrPrivateKey: 'a'
}),
UserModule],
providers: [AuthService, JwtStrategy],
controllers: [LocalAuthController]
})
export class AuthModule {}
auth.service.ts
import { Injectable, UnauthorizedException } from '@nestjs/common';
import { UserService } from 'src/user/user.service';
import * as bcrypt from 'bcrypt';
import { LocalAuthDto } from './local/local-auth.dto';
import { AccountType, User } from 'src/user/entity/user.entity';
import { JwtPayload } from './jwt/jwt.payload';
import { JwtService } from '@nestjs/jwt';
@Injectable()
export class AuthService {
constructor(
private readonly userService: UserService,
private readonly jwtService: JwtService,
) {}
async signinLocal(localAuthDto: LocalAuthDto): Promise<any | null> {
const user = await this.userService.findOneByEmailOrUsername(localAuthDto.emailOrUsername, true);
if (user === null || !(await bcrypt.compare(localAuthDto.password, user.password)))
throw new UnauthorizedException("Invalid credentials");
const payload: JwtPayload = { sub: user.uuid };
return this.jwtService.sign(payload);
}
}
本地auth.controller.ts
import { Body, Controller, Post, Request, UnauthorizedException, UseGuards } from '@nestjs/common';
import { ApiTags } from '@nestjs/swagger';
import { AuthService } from '../auth.service';
import { LocalAuthDto } from './local-auth.dto';
@ApiTags("auth")
@Controller('auth/local')
export class LocalAuthController {
constructor(private readonly authService: AuthService) {}
@Post('signin')
async signin(@Body() localAuthDto: LocalAuthDto) {
return await this.authService.signinLocal(localAuthDto);
}
}
jwt.payload.ts
export class JwtPayload {
sub: string;
}
jwt.strategy.ts
import { Injectable, Logger, UnauthorizedException } from "@nestjs/common";
import { PassportStrategy } from "@nestjs/passport";
import { ExtractJwt } from "passport-jwt";
import { Strategy } from "passport-local";
@Injectable()
export class JwtStrategy extends PassportStrategy(Strategy, 'jwt') {
constructor() {
super({
jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
ignoreExpiration: true,
secretOrKey: 'a',
});
}
async validate(payload: any) {
return payload;
}
}
jwt.guard.ts
import { Injectable, Logger, UnauthorizedException } from "@nestjs/common";
import { AuthGuard } from "@nestjs/passport";
@Injectable()
export class JwtAuthGuard extends AuthGuard('jwt') {
private readonly logger = new Logger(JwtAuthGuard.name);
handleRequest(err, user, info) {
this.logger.error(err, user, info);
if (err || !user) {
throw err || new UnauthorizedException();
}
return user;
}
}
应用程序控制器.ts
import { Controller, Get, UseGuards } from '@nestjs/common';
import { ApiBearerAuth } from '@nestjs/swagger';
import { JwtAuthGuard as JwtAuthGuard } from './auth/jwt/jwt.guard';
@Controller()
export class AppController {
constructor() {}
@Get()
healthCheck(): string {
return "API started";
}
@ApiBearerAuth()
@UseGuards(JwtAuthGuard)
@Get("authCheck")
authenticationGuardCheck(): string {
return "It works";
}
}
首先,我通过代码提取了生成的 JWT:
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIwNGRkM2MyNi03YjA4LTQ2MWEtYTA4OS05YWRkOTgzZjZmODUiLCJpYXQiOjE2NzA3NzU2MzR9.0MuojBY0_i5Losa6IgPrB2A2py-XrLoueMc4Mk1PUrY
它包含良好的 uuid,并且使用密钥进行了良好签名:a
Passport 没有在控制台中给我任何错误,只是返回给我Unauthorized 401
所以我尝试显示更多信息,我发现了这段代码(在 jwt.guard.ts 中):
handleRequest(err, user, info) {
this.logger.error(err, user, info);
if (err || !user) {
throw err || new UnauthorizedException();
}
return user;
}
现在,当我发送请求时,我将其输入控制台: 护照“错误”
所以我要求 NestJS 打印我的请求并且我的令牌存在:请求标头
现在我被困在这里,我不明白为什么护照无法在请求标头中获取我的令牌。你是我最后的机会;(
谢谢您的帮助
在您的导入中,而不是JwtStrategy导入。这意味着护照正在寻找而不是实际关心您通过标头发送的内容。相反导入,这应该得到解决Strategypassport-localpassport-jwtreq.body.usernamereq.body.passwordJWTauthorizationStrategypassport-jwt
| 归档时间: |
|
| 查看次数: |
579 次 |
| 最近记录: |
