我正在尝试使用passport-jwt设置JWT身份验证.我想我采取了正确的步骤,但测试GET不会成功,我不知道如何调试它.
这就是我所做的:
尽可能直接设置passport-jwt
var jwtOptions = {
secretOrKey: 'secret',
issuer: "accounts.examplesoft.com", // wasn't sure what this was, so i left as defaulted in the doc
audience: "yoursite.net" // wasn't sure what this was, so i left as defaulted in the doc
};
jwtOptions.jwtFromRequest = ExtractJwt.fromAuthHeader();
passport.use(new JwtStrategy(jwtOptions, function(jwt_payload, done) {
User.findOne({id: jwt_payload.sub}, function(err, user) {
if (err) {
return done(err, false);
}
if (user) {
done(null, user);
} else {
done(null, false);
// or you could create …成功登录后,我获得了 jwt 令牌,现在要访问受限 api,我正在发送授权标头,但我总是收到
401 未经授权
我已经参考了这里提出的使用 Passport-jwt问题进行身份验证的节点 API,但没有帮助我,
这是我调用的用于从受限 api 访问数据的函数
check() {
console.log(this.token);
var headers = new Headers();
headers.append('Content-Type', 'application/json');
headers.append("Authorization", "Bearer" + this.token);
let url = this.authenticationEndPoint + 'random';
this.checkauth(url, headers).subscribe(
data => {
console.log(data);
},
error => {
console.log("error");
}
);
}
checkauth(url:string, header:any): Observable<any> {
return this.http.get(url, header)
.map(this.extractData)
.catch(this.handleError);
}
private extractData(res: Response) {
let body = res;
return body || {};
}
在我的 NodeJs 服务器上,这是发送 jwt 令牌的登录代码:
app.post('/login_mobile', function(req, res) { …