jsonwebtoken中的有效负载错误 [英] Payload error in jsonwebtoken

问题描述

我正在使用nodejs和angular cli
创建一个Web应用程序我正在使用JWT来验证我的登录功能。但是当我处理它时抛出了这个错误

I am making a web application using nodejs and angular cli I'm using JWT to authenticate my login function . But when I process it threw this error

错误：预期有效负载是一个普通对象。
at validate（D：\Mean_Projects \ meanauthapp \ node_modules \ jsonwebtoken\sign.js：34：11）
at validatePayload（D：\Mean_Projects \ meanauthapp \ node_modules \\ \\ _jsonwebtoken\sign.js:56:10）
at Object.module.exports [as sign]（D：\ Meean_Projects \ meanauthapp \ node_modules \ jsonwebtoken\sign.js：108：7 ）
at User.comparePassword（D：\ Meean_Projects \ meanauthapp \routes\users.js：86：27）
at bcrypt.compare（D：\ Meean_Projects \ meanauthapp \ models \ user.js：53：9）
at D：\ Meean_Projects \ meanauthapp \ node_modules \ burnljs \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ \\ _Mean_Projects \ meanauthapp \\\
ode_modules \bcryptjs \dist\bcrypt.js：1353：21
at Immediate.next [as _onImmediate]（D：\Mean_Projects\meanauthapp \ node_modules \ burnljs \\\\\\\\\\\\\\\\\\\\\\\\\\回调（timers.js：785：20）
at tryOnImmediate（timers.js：747：5）
at processImmediate [as _immediateCallback]（timers.js：718：5）

Error: Expected "payload" to be a plain object. at validate (D:\Mean_Projects\meanauthapp\node_modules\jsonwebtoken\sign.js:34:11) at validatePayload (D:\Mean_Projects\meanauthapp\node_modules\jsonwebtoken\sign.js:56:10) at Object.module.exports [as sign] (D:\Mean_Projects\meanauthapp\node_modules\jsonwebtoken\sign.js:108:7) at User.comparePassword (D:\Mean_Projects\meanauthapp\routes\users.js:86:27) at bcrypt.compare (D:\Mean_Projects\meanauthapp\models\user.js:53:9) at D:\Mean_Projects\meanauthapp\node_modules\bcryptjs\dist\bcrypt.js:297:21 at D:\Mean_Projects\meanauthapp\node_modules\bcryptjs\dist\bcrypt.js:1353:21 at Immediate.next [as _onImmediate] (D:\Mean_Projects\meanauthapp\node_modules\bcryptjs\dist\bcrypt.js:1233:21) at runCallback (timers.js:785:20) at tryOnImmediate (timers.js:747:5) at processImmediate [as _immediateCallback] (timers.js:718:5)

这里我的护照代码

    const JwtStrategy= require('passport-jwt').Strategy;
    const ExtractJwt=require('passport-jwt').ExtractJwt;
    const User= require('../models/user');
    const config=require('../config/database');        
    module.exports=function(passport){
    let opts={};
    opts.jwtFromRequest=ExtractJwt.fromAuthHeader();
    opts.secretOrKey=config.secret;
    opts.issuer = 'accounts.examplesoft.com';
    opts.audience = 'yoursite.net';
    passport.use(new JwtStrategy(opts,(jwt_payload,done)=>{
        console.log(jwt_payload);
        User.getUserById(jwt_payload._doc._id,(err,user)=>{
            if(err){
                return done(err,false);
            }
            if(user){
                return done(null,user);
            }
            else{
                return done(null,false);
            }
        });
    }));
}

我的验证和获取资料的代码

My code for authenticate and get profile

// Authenticate
router.post('/authenticate', (req, res, next) => {
  const username = req.body.username;
  const password = req.body.password;

  User.getUserByUsername(username, (err, user) => {
    if(err) throw err;
    if(!user){
      return res.json({success: false, msg: 'User not found'});
    }

    User.comparePassword(password, user.password, (err, isMatch) => {
      if(err) throw err;
      if(isMatch){
        const token = jwt.sign(user, config.secret, {
          expiresIn: 604800 // 1 week
        });

        res.json({
          success: true,
          token: 'JWT '+token,
          user: {
            id: user._id,
            name: user.name,
            username: user.username,
            email: user.email
          }
        });
      } else {
        return res.json({success: false, msg: 'Wrong password'});
      }
    });
  });
});

// Profile
router.get('/profile', passport.authenticate('jwt', {session:false}), (req, res, next) => {
  res.json({user: req.user});
});

推荐答案

行失败

const token = jwt.sign(user, config.secret, {

错误预期有效负载成为普通对象

您的用户对象在此初始化：

User.getUserByUsername(username, (err, user)

我假设是 mongoosejs object，它包含许多方法，并且不是可序列化的。你可以通过传递普通对象来处理这个问题，方法是使用 .lean（） 来自 mongoose 或普通 toJSON 方法：

Which I assume is mongoosejs object, which contains many methods and is not "serializable". You could handle this by passing a plain object, by either using .lean() from mongoose or plain toJSON method:

const token = jwt.sign(user.toJSON(), config.secret, {
  expiresIn: 604800 // 1 week
});

这篇关于jsonwebtoken中的有效负载错误的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！