我正在使用Express,Mongoose,Passport和JWT实现授权功能。
我可以注册一个用户ok。我能够验证并生成JWT,我可以在JWT网站上解析,但出于某种原因,我收到了一条未知的身份验证策略错误消息。
我将所有代码块放在Plunker实例上:
https://plnkr.co/edit/ZNjQwcZ4rMymzBXNy5nX?p=catalogue
这是我的passport.js文件,其中包含我的策略:
var JwtStrategy = require('passport-jwt').Strategy;
// load up the user model
var User = require('../models/user');
var config = require('../config/database'); // get db config file
module.exports = function(passport) {
var opts = {};
opts.secretOrKey = config.secret;
passport.use(new JwtStrategy(opts, function(jwt_payload, done) {
User.findOne({id: jwt_payload.id}, function(err, user) {
if (err) {
return done(err, false);
}
if (user) {
done(null, user);
} else {
done(null, false);
}
});
}));
};
以下是我的authentication.js文件:
var express = require('express');
var router = express.Router();
var jwt = require('jwt-simple');
var config = require('../config/database');
var User = require('../models/user');
router.route('/')
.post(function(req, res) {
User.findOne({
name: req.body.name
}, function(err, user) {
if (err)
res.send(err);
if (!user) {
res.send({success: false, msg: 'Authentication failed. User not found.'});
} else {
// check if password matches
user.comparePassword(req.body.password, function (err, isMatch) {
if (isMatch && !err) {
// if user is found and password is right create a token
var token = jwt.encode(user, config.secret);
// return the information including token as JSON
res.json({success: true, token: 'JWT ' + token});
} else {
res.send({success: false, msg: 'Authentication failed. Wrong password.'});
}
});
}
});
});
module.exports = router;
这是我正在调用的生成错误的端点:
var express = require('express');
var router = express.Router();
var jwt = require('jwt-simple');
var config = require('../config/database');
var passport = require('passport');
var User = require('../models/user');
router.route('/')
.get(passport.authenticate('jwt', { session: false}), function(req, res) {
var token = getToken(req.headers);
if (token) {
var decoded = jwt.decode(token, config.secret);
User.findOne({
name: decoded.name
}, function(err, user) {
if (err) throw err;
if (!user) {
return res.status(403).send({success: false, msg: 'Authentication failed. User not found.'});
} else {
res.json({success: true, msg: 'Welcome in the member area ' + user.name + '!'});
}
});
} else {
return res.status(403).send({success: false, msg: 'No token provided.'});
}
});
getToken = function (headers) {
if (headers && headers.authorization) {
var parted = headers.authorization.split(' ');
if (parted.length === 2) {
return parted[1];
} else {
return null;
}
} else {
return null;
}
};
module.exports = router;
答案 0 :(得分:8)
您忘记在应用程序中包含您自己的passport.js模块。这导致nodejs找不到JWTStrategy的定义,这最终会导致您看到的错误。
在您的端点文件中,只需包含本地passport.js文件:
var express = require('express');
var router = express.Router();
var jwt = require('jwt-simple');
var config = require('../config/database');
var passport = require('passport');
require('./passport')(passport) // as strategy in ./passport.js needs passport object
var User = require('../models/user');
router.route('/')
.get(passport.authenticate('jwt', { session: false}), function(req, res) {
var token = getToken(req.headers);
...
答案 1 :(得分:0)
如果您查看护照配置文件(passport.js),您将看到
module.exports = function (passport) {
//bla bla bla
}
如您所见,需要passport instance
现在如何pass this instance到你的passport.js文件
简单
var passport = require('passport');// create a passport instance
var myPassportService = require('../config/passport')(passport);// pass it into passport.js file
希望这可以帮助你