堆栈内存溢出
  简体   繁体   English

更新为passport-jwt并得到未经授权的错误

[英]Updated to passport-jwt and getting unauthorized error

 原文  2018-04-14 19:41:39       node.js/ passport.js/ passport-jwt

问题描述

I've upgraded from passport-jwt 1.2.1 to pasport-jwt 4.0. 我已经从passport-jwt 1.2.1升级到pasport-jwt 4.0。 I updated the passport code to use the ExtractJwt.fromHeader, which I believe is labeled 'Authorizaton', which you will see in my Header Request code below. 我更新了护照代码,以使用ExtractJwt.fromHeader,我相信它被标记为“ Authorizaton”,您将在下面的“ Header Request”代码中看到该代码。 

var JwtStrategy = require('passport-jwt').Strategy,
    ExtractJwt = require('passport-jwt').ExtractJwt;

// load up the user model
var User = require('../models/user');
var config = require('../config/database'); // get db config file


module.exports = function(passport) {
  var opts = {}
  opts.jwtFromRequest = ExtractJwt.fromHeader('Authorization');
  opts.secretOrKey = 'secret';

  passport.use(new JwtStrategy(opts, function(jwt_payload, done) {
      User.findOne({id: jwt_payload.sub}, function(err, user) {
          if (err) {
              return done(err, false);
          }
          if (user) {
              return done(null, user);
          } else {
              return done(null, false);
          }
      });
  }));
};

My header request shows like below, which just has some test code in it. 我的标头要求如下所示,其中仅包含一些测试代码。 

Accept: application/json, text/plain, */*
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Authorization: JWT eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJfaWQiOiI1YWQyNTc3MWQwZWM3YzQ2YmFhNjYzOTgiLCJsb2dpbiI6ImNuYWtlYSIsInBhc3N3b3JkIjoiJDJhJDEwJFAzVG1wNDU3ZmhHdHdnaTZseGRRSGVRUENmR1F0OWMvWHVtSDZCTEtUlVQbUEvLnZvRGp5IiwiZW1haWwiOiJjaHJpc0BjaHJpc25ha2VhLmNvbSIsImNvbmZpcm1hdGlvbljb2RlIjoiMjk3NTNiZDYtZTQyYi1kYjRkLWM4ODUtZDE5MzlmYjdkZWU4IiwiY29uZmlybV9leHBpcmUiOiyMDE4LTA0LTE1VDE5OjMzOjA1LjQ0OVoiLCJfX3YiOjAsImNvbmZpcm1lZCI6dHJ1ZX0.ow_5ZsqEeP_2oJxG7IuzZUJrsZa84CDMW3Nk4qXbgik
Cache-Control: no-cache
Connection: keep-alive
Host: localhost:3000
Origin: http://localhost:8100
Pragma: no-cache
Referer: http://localhost:8100/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 11_0 like Mac OS X) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/11.0 Mobile/15A372 Safari/604.1

For some reason I'm getting a response of "Unauthorized". 由于某种原因,我得到的响应是“未经授权”。

This is how I'm placing the call from my angularjs service: 这就是我从angularjs服务发出呼叫的方式: 

  function useCredentials(token) {
    isAuthenticated = true;
    authToken = token;

    // Set the token as header for your requests!
    $http.defaults.headers.common.Authorization = authToken;
  }

How do I fix this? 我该如何解决?

So it looks like the Authentication code is working, and it is actually this code that is failing: 因此,看来验证代码正在运行,并且实际上是此代码失败了: 

var express = require('express');
var router = express.Router();
var jwt = require('jwt-simple');
var config = require('../config/database'); 
var passport  = require('passport');

require('../config/passport')(passport);

var User = require('../models/user');

router.route('/')

.get(passport.authenticate('jwt', { session: false}), function(req, res) {

  var token = getToken(req.headers);

  if (token) {

    var decoded = jwt.decode(token, config.secret);

    User.findOne({
      login: decoded.login
    }, function(err, user) {
        if (err) throw err;

        if (!user) {
          return res.status(403).send({success: false, msg: 'Authentication failed. User not found.'});
        } else {

          //CUSTOMIZE DATA TO RETURN ***
          var data = {
            id:user.id,
            login:user.login,
            email:user.email
          };

          res.json(data);
        }
    });

  } else {
    return res.status(403).send({success: false, msg: 'No token provided.'});
  }
});

getToken = function (headers) {
  if (headers && headers.authorization) {
    var parted = headers.authorization.split(' ');
    if (parted.length === 2) {
      return parted[1];
    } else {
      return null;
    }
  } else {
    return null;
  }
};

module.exports = router;

1 个解决方案

解决方案1
 1 已采纳  2018-04-14 21:49:23

Try this: 尝试这个: 

opts.jwtFromRequest = ExtractJwt.fromAuthHeaderAsBearerToken();

This will create a new extractor that looks for the JWT in the authorization header with the scheme 'bearer' so your header will be something like this Authorization: Bearer jk12h3j231231jkl12j 这将创建一个新的提取器,该提取器使用方案“ bearer”在授权标头中查找JWT,因此您的标头将类似于以下Authorization: Bearer jk12h3j231231jkl12j 

function useCredentials(token) {
    isAuthenticated = true;
    authToken = token;

    // Set the token as header for your requests!
    $http.defaults.headers.common.Authorization = `Bearer ${authToken}`;
}

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Passport-jwt未经授权 - Passport-jwt Unauthorized 未经授权:错误401 Passport-jwt - Unauthorized: Error 401 passport-jwt passport-jwt 401未经授权 - passport-jwt 401 Unauthorized NodeJs:错误 401(未经授权)我正在使用 passport-jwt - NodeJs :Error 401(Unauthorized) i m using passport-jwt passport-jwt 总是返回 401 unauthorized - passport-jwt always return 401 unauthorized 使用passport-jwt登录后未经授权 - Unauthorized after login with passport-jwt 使用passport-jwt授权jwt令牌时获得401未授权状态 - Getting 401 unauthorized status while authorizing jwt token using passport-jwt Passport-JWT抛出secretOrKey Provider错误 - Passport-JWT throwing secretOrKey Provider error NodeJs Express passport-jwt 从令牌中获取错误的用户 - NodeJs Express passport-jwt getting wrong user from token 瞄准镜通行证-jwt - Scope access passport-jwt
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM