护照-jwt 401未经授权 [英] passport-jwt 401 Unauthorized
问题描述
我正在尝试实现passport-jwt身份验证,但是在尝试调用端点时总是出现401 Unauthorized.
I'm trying to implement passport-jwt authentication but I'm always getting 401 Unauthorized when trying to call the endpoint.
这是我的设置
passport.js
passport.js
var passport = require('passport');
var User = require('../models/user');
var config = require('./auth');
var JwtStrategy = require('passport-jwt').Strategy;
var ExtractJwt = require('passport-jwt').ExtractJwt;
var LocalStrategy = require('passport-local').Strategy;
var localOptions = {
usernameField: 'email'
};
var localLogin = new LocalStrategy(localOptions, function(email, password, done) {
User.findOne({
email: email
}, function(err, user) {
if (err) {
return done(err);
}
if (!user) {
return done(null, false, { error: 'Login failed. Please try again' });
}
user.comparePassword(password, function(err, isMatch) {
if (err) {
return done(err);
}
if (!isMatch) {
return done(null, false, { error: 'Login Failed. Please try again.' });
}
user.status = 'online';
user.save(function(err, user) {
if (err) {
return done(err);
}
});
return done(null, user);
});
});
});
var jwtOptions = {
jwtFromRequest: ExtractJwt.fromHeader('Authorization'),
secretOrKey: config.secret
};
var jwtLogin = new JwtStrategy(jwtOptions, function(payload, done) {
console.log(payload);
User.findById(payload._id, function(err, user) {
if (err) {
return done(err, false);
}
if (user) {
done(null, user)
} else {
done(null, false);
}
});
});
passport.use(localLogin);
passport.use(jwtLogin);
module.exports = {
initialize: () => passport.initialize(),
authenticateJWT: passport.authenticate('jwt', { session: false }),
authenticateCredentials: passport.authenticate('local', { session: false }),
};
user.js
var express = require('express');
var router = express.Router();
var AuthController = require('../controllers/authentication');
var passportService = require('../config/passport');
var passport = require('passport');
const requireToken = passportService.authenticateJWT;
const requireCredentials = passportService.authenticateCredentials;
router.post('/signup', AuthController.register);
router.post('/signin', requireCredentials, AuthController.login);
router.get('/protected', requireToken function(req, res, next){
res.send({msg:'Success!'});
});
module.exports = router;
我确保我的标头包含:'JWT'+ [some token] ... 还尝试了没有'JWT'的情况...
I've made sure that my header contains: 'JWT ' + [some token]... Also tried without the 'JWT ' still nothing...
我已经检查了有关同一问题的其他帖子,但仍然无法解决.
I've checked the other posts about the same problem but still can't resolve it.
推荐答案
缩短
旧版
'JWT ' + [some token]
SHORT
Legacy
'JWT ' + [some token]
版本0.4.0
'bearer ' + [some token]
Version 0.4.0
'bearer ' + [some token]
示例
因此,当您现在发送令牌时,就像这样:
旧版
res.json ({ success: true, token: 'JWT ' + token })
EXAMPLE
So when you send the tokens now is like this:
Legacy
res.json ({ success: true, token: 'JWT ' + token })
版本0.4.0
res.json ({ success: true, token: 'bearer ' + token })
Version 0.4.0
res.json ({ success: true, token: 'bearer ' + token })
深入
可能还有其他方法可以做到这一点
如果查看/node_module/passport-jwt/lib/extract_jwt.js
文件,您会看到有一个名为versionOneCompatibility(options)
In depth
There may be other ways to do this as well
If you look in the /node_module/passport-jwt/lib/extract_jwt.js
file you can see that theres a function called versionOneCompatibility(options)
这篇关于护照-jwt 401未经授权的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!