2
我以node.js,express.js和passport.js開頭。當我使用passeport.authenticate時,標題消失()
我嘗試使用passport-jwt。我已成功登錄並獲取我的令牌,但是當我使用passport.authenticate()時,標題消失,我無法檢查令牌。
我明顯地得到標題時,我不使用passport.authenticate()。
這一切對於涉及到護照,智威湯遜驗證代碼(如果我更換req.header.authorization此代碼工作令牌):
const express = require('express')
const app = express()
const bodyParser = require('body-parser')
const users = require("./users.js")
const jwt = require("jsonwebtoken")
const passport = require("passport")
const http = require("http")
const notes = require('./notes')
const passportJWT = require("passport-jwt")
const ExtractJwt = passportJWT.ExtractJwt
const JwtStrategy = passportJWT.Strategy
app.use(bodyParser.json())
app.all('*', function(req, res, next) {
res.header('Access-Control-Allow-Origin', '*')
res.header('Access-Control-Allow-Methods', 'PUT, GET, POST, DELETE, OPTIONS')
res.header('Access-Control-Allow-Headers', 'Content-type, Authorization')
next()
})
var opts = {}
opts.jwtFromRequest = function(req) {
var token = null;
token = req.headers.authorization
console.log(token)
return token
}
opts.secretOrKey = 'secret'
passport.use(new JwtStrategy(opts, function(payload, done) {
var user = users[payload.id-1]
console.log(user)
if (user) {
return done(null, {
id: user.id
})
} else {
return done(new Error("User not found"), null);
}
}))
app.use(passport.initialize())
app.use(passport.session())
app.use('/notes', passport.authenticate('jwt', { session: false }), notes)
app.post("/signin", function(req, res) {
if (req.body.email && req.body.password) {
var email = req.body.email
var password = req.body.password
var user = users.find(function(u) {
return u.email === email && u.password === password;
})
if (user) {
var token = jwt.sign({
id: user.id
}, 'secret', { expiresIn: 60 * 60 })
res.json({
token: token
})
} else {
res.sendStatus(401)
}
} else {
res.sendStatus(401)
}
})
有人可以幫助我嗎?
EDIT 1
Angular2代碼添加標題爲每個請求(爲了不以不必要的代碼污染我剛添加的get部分,其他部分不用於我嘗試請求):
apiUrl: string = 'http://localhost:3500'
constructor(private http: Http) {}
headers: Headers = new Headers
({
'Content-type': 'application/json',
Accept: 'application/json',
})
get(path: string): Observable<any>
{
this.headers.append('Authorization', window.localStorage.getItem('token'))
console.log(this.headers)
return this.http.get(`${this.apiUrl}${path}`, { headers: this.headers})
.map(this.checkForError)
.catch(err => Observable.throw(err))
.map(this.getJson)
}
而且我打電話get(path: string)與'/notes'。
EDIT 2
而不是用我的Angular2代碼,快速測試,你可以使用捲曲:
首先添加一個用戶users.js在node.js中,例如:
var users = [{
id: 1,
name: "user",
email: "[email protected]",
password: "user123"
}]
module.exports = users
下一頁使用捲曲識別(這裏在Windows上):
curl -H "Content-Type: application/json" -X POST --data "{\"email\":\"[email protected]\",\"password\":\"user123\"}" http://localhost:3500/signin
在這裏,你得到的響應令牌和你發送:
curl -H "Content-Type: application/json,Authorization: theToken" http://localhost:3500/notes
你可以發佈你的客戶端代碼嗎?你在哪裏發送請求到'/ notes'? –
我用相關的客戶端代碼編輯。是的,我將請求發送到'/ notes'。感謝您的編輯和回覆。 – fleau
我試過你的服務器代碼,我用jQuery發送請求,它工作正常,所以我猜這個問題是與客戶端代碼。基於[this](https://www.w3.org/Protocols/rfc2616/rfc2616.html),頭文件區分大小寫,所以我建議使用'token = req.headers.Authorization'(大寫A ),看看它是否有效。 –