我一直在尝试用 JWT 和 Passport 为我的应用添加身份验证。LocalStrategy(本地策略)工作正常,但 JWT 策略似乎不起作用。
我的 Passport.js 文件
import passport from 'passport';
import User from '../models/regusers.model';
import config from '../config';
import jwtstrategy from 'passport-jwt';
import extractjwt from 'passport-jwt';
import LocalStrategy from 'passport-local';
// passport-jwt is a CommonJS module, so the constructor and the extractor
// helpers are pulled off the default import.
const { Strategy: JwtStrategy } = jwtstrategy;
const { ExtractJwt } = extractjwt;
// passport-local should read the login name from the `email` field instead
// of its default `username` field.
const localOption = { usernameField: 'email' };
// create local Strategy
// Local (email + password) strategy.  Passport passes the value of the
// `email` field (see localOption) and the password; the verdict goes back
// through `done`: done(err) on failure, done(null, false) to reject,
// done(null, user) to accept.
const localLogin = new LocalStrategy(localOption, (email, password, done) => {
  User.findOne({ email }, (lookupErr, user) => {
    if (lookupErr) {
      return done(lookupErr);
    }
    if (!user) {
      // Unknown email: no error and no user, which Passport turns into a 401.
      return done(null, false);
    }
    // The model owns the hash comparison (presumably bcrypt; the model file
    // is not shown here), so no password material is handled in this file.
    user.comparePassword(password, (cmpErr, isMatch) => {
      if (cmpErr) {
        return done(cmpErr);
      }
      return isMatch ? done(null, user) : done(null, false);
    });
  });
});
// setup options for JWT Strategy
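// Options for the JWT strategy.
//
// BUG FIX: Node lower-cases every incoming header name, so
// ExtractJwt.fromHeader('Authorization') looked up req.headers['Authorization'],
// which is always undefined.  No token was ever extracted, so every request
// to a requireAuth route came back 401.  The name passed to fromHeader must
// be lower-case.  (If clients send "Authorization: Bearer <token>" rather than
// the bare token, use ExtractJwt.fromAuthHeaderAsBearerToken() instead.)
const jwtOptions = {
  jwtFromRequest: ExtractJwt.fromHeader('authorization'),
  secretOrKey: config.secret,
  // Pin the accepted signing algorithm to the one the tokens are issued with
  // (jwt-simple's default is HS256), so a token that names any other
  // algorithm in its header is rejected outright.
  algorithms: ['HS256'],
};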
// Create JWT Strategy
// JWT strategy.  passport-jwt checks the token against jwtOptions before this
// callback runs; all that is left is mapping the `sub` claim to a user record.
const jwtLogin = new JwtStrategy(jwtOptions, (payload, done) => {
  User.findById(payload.sub, (err, user) => {
    if (err) {
      return done(err, false);
    }
    // A well-formed token whose user no longer exists yields no user -> 401.
    return done(null, user || false);
  });
});
// Register both strategies.  The routes file refers to them by the names
// 'jwt' and 'local' in passport.authenticate(), which are the names these
// two strategy classes register under.
[jwtLogin, localLogin].forEach((strategy) => passport.use(strategy));
我的 authentication.js 文件
import User from '../models/regusers.model';
import jwt from 'jwt-simple';
import config from '../config';
import bcrypt from 'bcrypt-nodejs';
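// Default token lifetime in seconds.  Previously the token carried no `exp`
// claim at all, so a leaked token stayed valid forever.
const DEFAULT_TOKEN_TTL_SECONDS = 24 * 60 * 60;

/**
 * Build a signed JWT for a user.
 * @param {{id: string}} user - saved user document; only `id` is used (as `sub`)
 * @param {number} [ttlSeconds] - token lifetime, defaults to DEFAULT_TOKEN_TTL_SECONDS
 * @returns {string} token signed with config.secret (jwt-simple's default, HS256)
 */
const tokenForUser = (user, ttlSeconds = DEFAULT_TOKEN_TTL_SECONDS) => {
  // RFC 7519 NumericDate claims (`iat`, `exp`) are in SECONDS.  The old code
  // used Date.getTime() (milliseconds), which made `iat` useless for any
  // age check and would have put `exp` centuries in the future.
  const issuedAt = Math.floor(Date.now() / 1000);
  return jwt.encode(
    { sub: user.id, iat: issuedAt, exp: issuedAt + ttlSeconds },
    config.secret,
  );
};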
/**
 * POST /login handler.  Runs only after the 'local' strategy (requireLogin in
 * the routes) has verified the credentials and attached the user as req.user,
 * so the only job left is issuing a token.
 */
const login = (req, res, next) => {
  const { user } = req;
  res.send({ token: tokenForUser(user), unu: user.uname });
};
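/**
 * POST /signup handler: creates a user and returns a token for it.
 * Body fields read: fname, lname, uname, email, password — all untrusted.
 * Responds 422 when email/password are missing or not strings, or when the
 * email is already taken; any other failure is passed to next(err).
 */
const signup = (req, res, next) => {
  const { fname, lname, uname, email, password } = req.body;
  // Accept plain strings only.  req.body is parsed JSON, so `email` could be
  // an object such as {"$gt": ""}; handed straight to findOne that becomes a
  // query operator and matches an arbitrary user.  The old `!email` check
  // let any non-empty object through.
  if (typeof email !== 'string' || typeof password !== 'string' || !email || !password) {
    return res.status(422).send({ error: 'You must provide email and password' });
  }
  User.findOne({ email }, (findErr, existing) => {
    if (findErr) {
      return next(findErr);
    }
    if (existing) {
      return res.status(422).send({ error: 'Email is in use' });
    }
    // Fields are copied one by one on purpose (never `new User(req.body)`),
    // so a client cannot set arbitrary schema fields.
    const newuser = new User({ fname, lname, uname, email, password });
    newuser.save((saveErr) => {
      if (saveErr) {
        // findOne-then-save is not atomic: two concurrent signups for the
        // same email can both pass the check above.  If `email` carries a
        // unique index (it should; the model is not shown here) Mongo
        // rejects the loser with duplicate-key code 11000 — report that the
        // same way as the pre-check instead of surfacing a 500.
        if (saveErr.code === 11000) {
          return res.status(422).send({ error: 'Email is in use' });
        }
        return next(saveErr);
      }
      return res.json({ token: tokenForUser(newuser) });
    });
  });
};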
// Expose the two handlers for the router.  Assigning onto the existing
// module.exports object (rather than replacing it) keeps any other
// properties already attached to it.
Object.assign(module.exports, { signup, login });
使用上述认证中间件的路由文件
import Authentication from '../auth/auth';
import passportService from '../services/passport';
import passport from 'passport';
// Stateless API: neither strategy creates a session (no cookie, no
// serializeUser), so every request must carry its own credentials.
// A fresh options object is built per call so the two middlewares never
// share mutable state.
const authenticateWith = (strategyName) => passport.authenticate(strategyName, { session: false });
const requireAuth = authenticateWith('jwt');
const requireLogin = authenticateWith('local');
/**
 * Mount the auth routes on `app`.
 *  GET  /user   - requires a valid JWT (requireAuth); returns a fixed payload
 *  POST /login  - local email/password check (requireLogin), then issues a token
 *  POST /signup - unauthenticated; creates a user and issues a token
 */
const user = (app) => {
  const protectedPing = (req, res) => {
    res.json({ hi: 'there' });
  };
  app.get('/user', requireAuth, protectedPing);
  app.post('/login', requireLogin, Authentication.login);
  app.post('/signup', Authentication.signup);
};
export default user;
当我向 /user 路由发出 GET 请求时,无论如何都返回 Unauthorized(401)。请问是什么原因?