fromAuthHeaderAsBearerToken在NODE中不起作用

时间:2018-05-13 15:30:40

标签: node.js authentication postman passport-jwt

我在Node中对护照身份验证做了以下事情。

1)我正在使用jwtFromRequest:ExtractJwt.fromAuthHeaderAsBearerToken()

module.exports = function(passport){
    var opts = {};
    opts.jwtFromRequest = ExtractJwt.fromAuthHeaderAsBearerToken();
    opts.secretOrKey = config.secret;
    console.log('Inside passport');
    //opts.issuer = 'accounts.examplesoft.com';
    //opts.audience = 'yoursite.net';
    passport.use(new JwtStrategy(opts, function(jwt_payload, done) {
        console.log('Payload :: '+jwt_payload._doc);
        User.getUserById({id: jwt_payload._doc._id}, function(err, User) {
            if (err) {
                return done(err, false);
            }
            if (User) {
                return done(null, User);
            } else {
                return done(null, false);
                // or you could create a new account
            }
        });
    }));

2)按以下方式调用方法:

userExpressRoutes.route('/profile')
    .get(passport.authenticate('jwt', { session: false }), function (req, res) {  });

3)在Ppostman中设置标题,如:Authorization:Bearer {token}

Post Authentication Header

4)它正在提供undefined有效载荷

Payload :: undefined
TypeError: Cannot read property '_id' of undefined

这里缺少什么来获取Jwt_payload?

有人可以帮助我吗?

4 个答案:

答案 0 :(得分:4)

一些有效的组合

对于-来自页眉 

ExtractJwt.fromHeader('authorization'),

Authorization : eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJyb2xlIjoiQ2xpZW50IiwiX2lkIjoiNWUzN2NkMGI4YTAxNjEwNWNhMmFjZjYwIiwiZW1haWwiOiJwcmFqYWt0YUBnbWFpbC5jb20iLCJwYXNzd29yZCI6IiQyYiQxMCRzWXN4MGcyWGsybWdSTHNaZXBEYkV1MklRcGhVOURkNnczeTBHaUxMWHJVeW5aazlUR0xKSyIsIl9fdiI6MCwiaWF0IjoxNTgwNzE5ODE3LCJleHAiOjE1ODA3Mjk4OTd9.38x2wztqJWz9EH8_lN0ca-L-8mTQvW36iF2bfGk_ydg

对于-来自页眉 

ExtractJwt.fromHeader('HelloTom'),

HelloTom : eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJyb2xlIjoiQ2xpZW50IiwiX2lkIjoiNWUzN2NkMGI4YTAxNjEwNWNhMmFjZjYwIiwiZW1haWwiOiJwcmFqYWt0YUBnbWFpbC5jb20iLCJwYXNzd29yZCI6IiQyYiQxMCRzWXN4MGcyWGsybWdSTHNaZXBEYkV1MklRcGhVOURkNnczeTBHaUxMWHJVeW5aazlUR0xKSyIsIl9fdiI6MCwiaWF0IjoxNTgwNzE5ODE3LCJleHAiOjE1ODA3Mjk4OTd9.38x2wztqJWz9EH8_lN0ca-L-8mTQvW36iF2bfGk_ydg

对于-fromAuthHeaderAsBearerToken 

ExtractJwt.fromAuthHeaderAsBearerToken(),

Authorization : bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJyb2xlIjoiQ2xpZW50IiwiX2lkIjoiNWUzN2NkMGI4YTAxNjEwNWNhMmFjZjYwIiwiZW1haWwiOiJwcmFqYWt0YUBnbWFpbC5jb20iLCJwYXNzd29yZCI6IiQyYiQxMCRzWXN4MGcyWGsybWdSTHNaZXBEYkV1MklRcGhVOURkNnczeTBHaUxMWHJVeW5aazlUR0xKSyIsIl9fdiI6MCwiaWF0IjoxNTgwNzE5ODE3LCJleHAiOjE1ODA3Mjk4OTd9.38x2wztqJWz9EH8_lN0ca-L-8mTQvW36iF2bfGk_ydg

用于-fromAuthHeaderWithScheme 

ExtractJwt.fromAuthHeaderWithScheme('JWT'),

Authorization : JWT eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJyb2xlIjoiQ2xpZW50IiwiX2lkIjoiNWUzN2NkMGI4YTAxNjEwNWNhMmFjZjYwIiwiZW1haWwiOiJwcmFqYWt0YUBnbWFpbC5jb20iLCJwYXNzd29yZCI6IiQyYiQxMCRzWXN4MGcyWGsybWdSTHNaZXBEYkV1MklRcGhVOURkNnczeTBHaUxMWHJVeW5aazlUR0xKSyIsIl9fdiI6MCwiaWF0IjoxNTgwNzE5ODE3LCJleHAiOjE1ODA3Mjk4OTd9.38x2wztqJWz9EH8_lN0ca-L-8mTQvW36iF2bfGk_ydg

用于-fromAuthHeaderWithScheme 

ExtractJwt.fromAuthHeaderWithScheme('HelloJerry'),

Authorization : HelloJerry eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJyb2xlIjoiQ2xpZW50IiwiX2lkIjoiNWUzN2NkMGI4YTAxNjEwNWNhMmFjZjYwIiwiZW1haWwiOiJwcmFqYWt0YUBnbWFpbC5jb20iLCJwYXNzd29yZCI6IiQyYiQxMCRzWXN4MGcyWGsybWdSTHNaZXBEYkV1MklRcGhVOURkNnczeTBHaUxMWHJVeW5aazlUR0xKSyIsIl9fdiI6MCwiaWF0IjoxNTgwNzE5ODE3LCJleHAiOjE1ODA3Mjk4OTd9.38x2wztqJWz9EH8_lN0ca-L-8mTQvW36iF2bfGk_ydg

答案 1 :(得分:2)

我通过下面的代码段解决了这个问题。谢谢大家的支持...... 

   const JwtStrategy = require('passport-jwt').Strategy;
const ExtractJwt = require('passport-jwt').ExtractJwt;
const User = require('../models/User');
const config = require('../config/DB');

module.exports = function(passport){
  let opts = {};
  opts.jwtFromRequest = ExtractJwt.fromAuthHeaderAsBearerToken();
  opts.secretOrKey = config.secret;
  passport.use(new JwtStrategy(opts, (jwt_payload, done) => {
    User.findById(jwt_payload.data._id, (err, User) => {
      if(err){
        return done(err, false);
      }

      if(User){
        return done(null, User);
      } else {
        return done(null, false);
      }
    });
  }));
}

答案 2 :(得分:0)

好吧,我认为“ fromAuthHeaderAsBearerToken()”不起作用。不知道为什么他们没有将其删除!!!!! 好的,仍然可以使用更简单的版本,我们仍然可以“ ExtractJwt.fromHeader()” “ ExtractJwt.fromUrlQueryParameter()” 并在使用POSTMAN中进行测试, / p>

对于方法01:“ ExtractJwt.fromUrlQueryParameter()” 点击参数: 在名称字段中,在值字段中键入“ secret_token”,粘贴接收到的令牌

对于方式02:“ ExtractJwt.fromHeader()” 点击“标题”:  在名称中输入“ auth”,然后在“值”字段中粘贴收到的令牌。

var JwtStrategy = require('passport-jwt').Strategy,
ExtractJwt = require('passport-jwt').ExtractJwt,
User = require('../models/user'),
keys = require('./keys');


module.exports = (passport)=> {
    passport.use(new JwtStrategy({
        secretOrKey   : keys.jwtkey.JWT_KEY,
        //way 01
        jwtFromRequest: ExtractJwt.fromUrlQueryParameter('secret_token')
      // or way 02: 
      //ExtractJwt.fromHeader('auth')
    },
    function (jwtPayload, done) {

console.log(JSON.stringify(jwtPayload));
        return User.findById({_id:jwtPayload._id}, function(err, user) {
            if (err) {
                return done(err, false);
            }
            if (user) {
                console.log('User is '+ user);
                return done(null, user);
            } else {
                return done(null, false);
                // or you could create a new account
            }
        });
    }

));
};

答案 3 :(得分:0)

对我有用:

我在以下请求中更改了授权标头: eyJhbGciOiJIUzI1NiIsI...(jwt令牌)

Bearer eyJhbGciOiJIUzI1NiIsI...

相关问题
最新问题