[英]In Adonis.js Why refreshToken is null?
I am learning Adonisjs and wanted to implement the logout part in my api rest, but I can't due to whenever I will logout refresh_token is requested in the request, but I don't know where this refresh_token comes from.我正在学习 Adonisjs 并想在我的 api rest 中实现注销部分,但我不能因为每当我将注销时,请求中都会请求 refresh_token,但我不知道这个 refresh_token 来自哪里。 I noticed that when I log in, I get a "requestToken" parameter, but it's null anyway
我注意到,当我登录时,我得到一个“requestToken”参数,但无论如何它是 null
When I log in it works and returns something like to me:当我登录时,它可以工作并向我返回类似的东西:
{
"type": "bearer",
"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1aWQiOjEsImlhdCI6MTU3MTAxNTAwMH0.xXX6oDvdvdz59UJ2fstrFmOJEGP8luwKPtTeVF-Y224",
"refreshToken": null
}
Here's the code:这是代码:
async login ({ request, auth }) {
const { email, password } = request.all()
const token = await auth.attempt(email, password)
return token
}
async logout({ request, response}) {
const rules = {
refresh_token: 'required'
};
const { refresh_token } = request.only(['refresh_token']);
const validation = await validate({ refresh_token }, rules);
const decrypted = Encryption.decrypt(refresh_token);
if (!validation.fails()) {
try {
const refreshToken = await Token.findBy('token', decrypted);
if (refreshToken) {
refreshToken.delete();
response.status(200).send({ status: 'ok' });
} else {
response.status(401).send({ error: 'Invalid refresh token' });
}
} catch (err) {
response.status(401).send({ error: err.toString()});
}
} else {
response.status(401).send(validation.messages());
}
}
}
I tried to take a look at some git api or even adonisjs authentication documentation, but to no avail.我试图查看一些 git api 甚至 adonisjs 身份验证文档,但无济于事。
I also tried to add the token that is answered in request "request_token", but it returns invalid token:我还尝试添加请求“request_token”中回答的令牌,但它返回无效令牌:
{
"error": "Invalid refresh token"
}
So, how can i solve that?那么,我该如何解决呢?
As per adonis doc, follow this api call - which generates refresh token during login - authentication flow根据 adonis doc,请遵循此 api 调用-在登录期间生成刷新令牌-身份验证流程
Instruct the JWT authenticator to generate a refresh token as well:指示 JWT 身份验证器也生成刷新令牌:
await auth
.withRefreshToken()
.attempt(uid, password)
Ref: https://adonisjs.com/docs/4.1/authentication参考: https://adonisjs.com/docs/4.1/authentication
I tried using the sample example as ref in the docs https://legacy.adonisjs.com/docs/4.0/authentication#_jwt but didn't work.我尝试使用示例示例作为文档https://legacy.adonisjs.com/docs/4.0/authentication#_jwt中的参考,但没有奏效。 got
得到
await auth.withRefreshToken().attempt(uid, password)
output output
{
"type": "bearer",
"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1aWQiOjEsImlhdCI6MTU3MTAxNTAwMH0.xXX6oDvdvdz59UJ2fstrFmOJEGP8luwKPtTeVF-Y224",
"refreshToken": null
}
instead use this而是使用这个
if (await auth.attempt(uid, password)) {
const savedUser = await User.findBy("uid", uid);
await auth.withRefreshToken().generate(savedUser);
}
output output
{
"type": "bearer",
"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1aWQiOjEsImlhdCI6MTYzNDMyMjc2MywiZXhwIjoxNzIwNzIyNzYzLCJpc3MiOiJpc3MifQ.mj48h77eQQZfn7TjqyW_HDv5AIaTGtTabbID3J2Tnqw"
"refreshToken": "d62308224c28a1569b0381c3f2f5b29fORSRBIdsHgfqHsqC+0RJQ3OCNZ/8/XW1NEq4AtEQTUfYonzodsqLUAy+e2sHsjIz"
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.