1. 首頁
  2. 問答
  3. 錯誤:401(未經授權),護照身份驗證在節點

錯誤:401(未經授權),護照身份驗證在節點

2017-05-09 145 views
2

Passport身份驗證中間件用在這裏,從登錄API我已經產生了JWT令牌,它是發送到API http://localhost:3030/home/的頭,但它扔錯誤:401(未經授權),護照身份驗證在節點

錯誤

angular.js:12587 POST http://localhost:3030/home/ 401(未授權)。

angular.js:14525可能未處理的拒絕:{「data」:「Unauthorized」,「status」:401,「config」:{「method」:「POST」,「transformRequest」:[null] transformResponse「:[null],」jsonpCallbackParam「:」callback「,」url「:」http://localhost:3030/home/「,」headers「:{」Accept「:」application/json,text/plain,/「}},」statusText 「:」 未授權「}

route.js

module.exports = function(app , passport){ 
    app.use('/login',userCtrl); 
    app.use('/register',registerCtrl); 
    app.use('/home', passport.authenticate('jwt', { session: false }) , homerCtrl); 
};

passposrt.js

var JwtStrategy = require('passport-jwt').Strategy, 
    ExtractJwt = require("passport-jwt").ExtractJwt; 
var config = require('./appConfig.js'); 

module.exports = function(passport){ 
    var jwtOptions = {} 
    jwtOptions.jwtFromRequest = ExtractJwt.fromAuthHeader(); 
    jwtOptions.secretOrKey = config.secret; 
    var strategy = new JwtStrategy(jwtOptions, function(jwt_payload, next) { 
     var user = users[_.findIndex(users, {id: jwt_payload.id})]; 
     if (user) { 
      next(null, user); 
     } else { 
      next(null, false); 
     } 
    }); 
    passport.use(strategy); 
}

家庭控制器

var mongoose = require("mongoose"); 
var User = mongoose.model("user"); 
var express = require("express"); 
var jwt = require('jsonwebtoken'); 
var config = require('./../config/appConfig.js'); 

//Type 1 using router 
var router = express.Router(); 
router.post('/' , function(req, res, next){ 
    var formData = req.body; 
    getUserData(formData , function(user){ 
     res.json({ "responseMessage" : "Home Api Sucess" }); 
    }); 
}); 

function getUserData(formData , cb){ 
    User.findOne({username : formData.username}).then(function(user){ 
     cb(user); 
    }).catch(function(err){ 
     cb(err); 
    }); 
} 

module.exports = router;

登錄控制器

var router = express.Router(); 
router.post('/' , function(req, res, next){ 
var formData = req.body; 
var username = req.body.username; 
var password = req.body.password; 

getUserData(formData , function(user){ 
    if(user){ 
     user.verifyPassword(password , function(err, isMatch){ 
     if(isMatch){ 
      var token = createToken(user); 
      res.json({ "responseMessage" : "Login Sucess" , "token" :token}); 
     }else{ 
      res.json({ "responseMessage" : "Login Failed" }); 
     } 
    }) 
    }else{ 
     res.json({ "responseMessage" : "Login Failed" }); 
    } 
}); 
}); 

function createToken(user){ 
var payload = {id: user.name}; 
    var token = jwt.sign(payload, config.secret); 
    return "JWT " +token; 
} 

function getUserData(formData , cb){ 
    User.findOne({username : formData.username}).then(function(user){ 
     cb(user); 
    }).catch(function(err){ 
     cb(err); 
    }); 
}

來源

2017-05-09 Haris KK

回答

0

你必須發送Authorization頭爲每個受保護的途徑。

請參閱使用郵差的例子:

enter image description here

PS:你必須創建在登錄過程中JWT令牌。

希望它能幫助你。

來源

2017-05-09 12:28:06

+0

JWT令牌的頭部信息,而HTTP://本地主機:3030 /家名爲/。 –

+0

嗯...在_passport.js_文件中。這行是'var user = users [_。findIndex(users,{id:jwt_payload.id})]];'正確檢索用戶?因爲當你創建令牌時,你這樣做:'id = user.username',但你似乎試圖通過'user.id'來查找。 –

1

passport.js更換

jwtOptions.jwtFromRequest = ExtractJwt.fromAuthHeader(); 


jwtOptions.jwtFromRequest = ExtractJwt.fromAuthHeaderWithScheme('JWT');

來源

2017-09-27 10:46:05

+0

工作表示感謝 – Lijo

相關問題

 相關問題