您好我正在处理我在jsonwebtokens,passport-jwt.I上工作的节点应用程序。我创建了应用程序后端端并且在postman上正常工作但是我坚持在前端。当我在邮递员的标题中发送令牌然后基于令牌的页面打开邮递员罚款但在正面显示未授权。如何在标题中发送令牌,以便此页面也在前端打开。 我的代码:
app.post("/login", function(req, res) {
if(req.body.name && req.body.password){
var name = req.body.name;
var password = req.body.password;
}
var user = users[_.findIndex(users, {name: name})];
if( ! user ){
res.status(401).json({message:"no such user found"});
}
if(user.password === req.body.password) {
// from now on we'll identify the user by the id and the id is the only personalized value that goes into our token
var payload = {id: user.id};
var token = jwt.sign(payload, jwtOptions.secretOrKey);
//res.json({message: "ok", token: token});
res.redirect('/secret')
} else {
res.status(401).json({message:"passwords did not match"});
}
});
app.get("/secret", passport.authenticate('jwt', { session: false }), function(req, res){
res.json("Success! You can not see this without a token");
});
我在哪里做错了?
答案 0 :(得分:1)
在您的 / login 中,您可以将它们保存在sessionStorage中以供将来使用...
类似这样的事情
if(user.password === req.body.password) {
....
var payload = {id: user.id};
var token = jwt.sign(payload, jwtOptions.secretOrKey);
req.session.token = token ;
}
}
使用此会话更新客户端上的sessionStorage
here is an article这是您登录后登录所需的内容......
您还需要销毁退出
上的Cookie答案 1 :(得分:0)
if you are getting token,you can send it as:
**
let headers = new Headers({'Content-Type':'application / json', '授权':'持票人'+ this.token});
**