护照-jwt 401未经授权 [英] passport-jwt 401 Unauthorized

问题描述

我正在尝试实现passport-jwt身份验证，但是在尝试调用端点时总是出现401 Unauthorized.

I'm trying to implement passport-jwt authentication but I'm always getting 401 Unauthorized when trying to call the endpoint.

这是我的设置

passport.js

passport.js

var passport = require('passport');
var User = require('../models/user');
var config = require('./auth');
var JwtStrategy = require('passport-jwt').Strategy;
var ExtractJwt = require('passport-jwt').ExtractJwt;
var LocalStrategy = require('passport-local').Strategy;

var localOptions = {
    usernameField: 'email'
};

var localLogin = new LocalStrategy(localOptions, function(email, password, done) {

    User.findOne({
        email: email
    }, function(err, user) {
        if (err) {
            return done(err);
        }
        if (!user) {
            return done(null, false, { error: 'Login failed. Please try again' });
        }

        user.comparePassword(password, function(err, isMatch) {
            if (err) {
                return done(err);
            }
            if (!isMatch) {
                return done(null, false, { error: 'Login Failed. Please try again.' });
            }

            user.status = 'online';
            user.save(function(err, user) {
                if (err) {
                    return done(err);
                }
            });

            return done(null, user);
        });
    });
});

var jwtOptions = {
    jwtFromRequest: ExtractJwt.fromHeader('Authorization'),
    secretOrKey: config.secret
};

var jwtLogin = new JwtStrategy(jwtOptions, function(payload, done) {
    console.log(payload);
    User.findById(payload._id, function(err, user) {
        if (err) {
            return done(err, false);
        }
        if (user) {
            done(null, user)
        } else {
            done(null, false);
        }
    });
});

passport.use(localLogin);
passport.use(jwtLogin);

module.exports = {
    initialize: () => passport.initialize(),
    authenticateJWT: passport.authenticate('jwt', { session: false }),
    authenticateCredentials: passport.authenticate('local', { session: false }),
};

user.js

var express = require('express');
var router = express.Router();
var AuthController = require('../controllers/authentication');
var passportService = require('../config/passport');
var passport = require('passport');

const requireToken = passportService.authenticateJWT;
const requireCredentials = passportService.authenticateCredentials;


router.post('/signup', AuthController.register);
router.post('/signin', requireCredentials, AuthController.login);

router.get('/protected', requireToken function(req, res, next){
res.send({msg:'Success!'});
});

module.exports = router;

我确保我的标头包含:'JWT'+ [some token] ... 还尝试了没有'JWT'的情况...

I've made sure that my header contains: 'JWT ' + [some token]... Also tried without the 'JWT ' still nothing...

我已经检查了有关同一问题的其他帖子，但仍然无法解决.

I've checked the other posts about the same problem but still can't resolve it.

推荐答案

缩短
旧版
'JWT ' + [some token]

SHORT
Legacy
'JWT ' + [some token]

版本0.4.0
'bearer ' + [some token]

Version 0.4.0
'bearer ' + [some token]

示例
因此，当您现在发送令牌时，就像这样:
旧版
res.json ({ success: true, token: 'JWT ' + token })

EXAMPLE
So when you send the tokens now is like this:
Legacy
res.json ({ success: true, token: 'JWT ' + token })

版本0.4.0
res.json ({ success: true, token: 'bearer ' + token })

Version 0.4.0
res.json ({ success: true, token: 'bearer ' + token })

深入
可能还有其他方法可以做到这一点
如果查看/node_module/passport-jwt/lib/extract_jwt.js文件，您会看到有一个名为versionOneCompatibility(options)

In depth
There may be other ways to do this as well
If you look in the /node_module/passport-jwt/lib/extract_jwt.js file you can see that theres a function called versionOneCompatibility(options)

这篇关于护照-jwt 401未经授权的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！