[英]Multiple passport-jwt strategy in the same app
How can I created two different passport-jwt using different passwords and use it to authenticate two different roles?如何使用不同的密码创建两个不同的护照 jwt 并使用它来验证两个不同的角色?
Example:示例:
var passport_admin = require('../../node_modules/passport');
var passport_user = require('../../node_modules/passport');
require('../auth_layer/admin_jwt_auth')(passport_admin);
require('../auth_layer/user_jwt_auth')(passport_user);
app.post('/admin/profile',passport_admin.authenticate('jwt',{session:false}), business_admin.post_profile);
app.post('/user/profile',passport_user.authenticate('jwt',{session:false}), business_admin.post_profile);
When I do the above it does not work(401 when verifying token) because I require two different authentication midleware in my route.当我执行上述操作时,它不起作用(验证令牌时为 401),因为我的路由中需要两个不同的身份验证中间件。
How can I achieve that?我怎样才能做到这一点? or Does it make sense to do it?
或者这样做有意义吗?
Thanks for your help.感谢您的帮助。
I had exactly the same issue with you but after a number of research, trials and errors, I found my own method in solving this problem and wanted to share it with you.我和你遇到了完全相同的问题,但经过多次研究、试验和错误,我找到了自己解决这个问题的方法,并想与你分享。 First on your syntax below, only one rule will be implemented :
首先在下面的语法中,只会实现一个规则:
var passport_admin = require('../../node_modules/passport');
var passport_user = require('../../node_modules/passport');
The rule which will be used is only the latest which is passport_user .将使用的规则只是最新的规则,即passport_user 。 To tackle this, you need to go to your passport.js api and create two passport rules with different names (in the same js file) like below
为了解决这个问题,你需要去你的passport.js api并创建两个不同名称的护照规则(在同一个js文件中),如下所示
passport.use('admin-rule',
new JwtStrategy(opts, (...........) => {.........
}));
passport.use('user-rule',
new JwtStrategy(opts, (...........) => {.........
}));
Then you want to use the 'admin-rule' on your admin syntax, same idea with user syntax (use 'user-rule').然后你想在你的管理语法上使用'admin-rule',与用户语法相同的想法(使用'user-rule')。
app.post('/admin/profile',passport_admin.authenticate('admin-rule'
{session:false}), business_admin.post_profile);
That way your admin & user will use the specified passport rule on it's router.这样您的管理员和用户将在其路由器上使用指定的通行证规则。
This solution allows you to use the same url for both strategies, just name them.此解决方案允许您对两种策略使用相同的 url,只需为它们命名即可。
https://github.com/mikenicholson/passport-jwt/issues/182 https://github.com/mikenicholson/passport-jwt/issues/182
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.