Passport身份驗證中間件用在這裏,從登錄API我已經產生了JWT令牌,它是發送到API http://localhost:3030/home/的頭,但它扔錯誤:401(未經授權),護照身份驗證在節點
錯誤
angular.js:12587 POST http://localhost:3030/home/ 401(未授權)。
angular.js:14525可能未處理的拒絕:{「data」:「Unauthorized」,「status」:401,「config」:{「method」:「POST」,「transformRequest」:[null] transformResponse「:[null],」jsonpCallbackParam「:」callback「,」url「:」http://localhost:3030/home/「,」headers「:{」Accept「:」application/json,text/plain,/「}},」statusText 「:」 未授權「}
route.js
module.exports = function(app , passport){
app.use('/login',userCtrl);
app.use('/register',registerCtrl);
app.use('/home', passport.authenticate('jwt', { session: false }) , homerCtrl);
};
passposrt.js
var JwtStrategy = require('passport-jwt').Strategy,
ExtractJwt = require("passport-jwt").ExtractJwt;
var config = require('./appConfig.js');
module.exports = function(passport){
var jwtOptions = {}
jwtOptions.jwtFromRequest = ExtractJwt.fromAuthHeader();
jwtOptions.secretOrKey = config.secret;
var strategy = new JwtStrategy(jwtOptions, function(jwt_payload, next) {
var user = users[_.findIndex(users, {id: jwt_payload.id})];
if (user) {
next(null, user);
} else {
next(null, false);
}
});
passport.use(strategy);
}
家庭控制器
var mongoose = require("mongoose");
var User = mongoose.model("user");
var express = require("express");
var jwt = require('jsonwebtoken');
var config = require('./../config/appConfig.js');
//Type 1 using router
var router = express.Router();
router.post('/' , function(req, res, next){
var formData = req.body;
getUserData(formData , function(user){
res.json({ "responseMessage" : "Home Api Sucess" });
});
});
function getUserData(formData , cb){
User.findOne({username : formData.username}).then(function(user){
cb(user);
}).catch(function(err){
cb(err);
});
}
module.exports = router;
登錄控制器
var router = express.Router();
router.post('/' , function(req, res, next){
var formData = req.body;
var username = req.body.username;
var password = req.body.password;
getUserData(formData , function(user){
if(user){
user.verifyPassword(password , function(err, isMatch){
if(isMatch){
var token = createToken(user);
res.json({ "responseMessage" : "Login Sucess" , "token" :token});
}else{
res.json({ "responseMessage" : "Login Failed" });
}
})
}else{
res.json({ "responseMessage" : "Login Failed" });
}
});
});
function createToken(user){
var payload = {id: user.name};
var token = jwt.sign(payload, config.secret);
return "JWT " +token;
}
function getUserData(formData , cb){
User.findOne({username : formData.username}).then(function(user){
cb(user);
}).catch(function(err){
cb(err);
});
}
JWT令牌的頭部信息,而HTTP://本地主機:3030 /家名爲/。 –
嗯...在_passport.js_文件中。這行是'var user = users [_。findIndex(users,{id:jwt_payload.id})]];'正確檢索用戶?因爲當你創建令牌時,你這樣做:'id = user.username',但你似乎試圖通過'user.id'來查找。 –