API 请求卡在 POSTMAN 中？

Question

So, I am making an e-shop app which uses Mongo DB and Express JS as the backend. I have already created the productSchema, userSchema and the categorySchema and have coded for the appropriate GET requests.

I have made a jwt.js file which handles whether the the GET request should be allowed or not based on the token.

The code for jwt.js is given below

const { expressjwt } = require("express-jwt"); function authJwt() { const secret = process.env.secret; const api = process.env.API_URL; return expressjwt({ secret, algorithms: ["HS256"], isRevoked: isRevoked, }).unless({ path: [ { url: /\/api\/v1\/products(.*)/, methods: ["GET", "OPTIONS"] }, { url: /\/api\/v1\/categories(.*)/, methods: ["GET", "OPTIONS"] }, `${api}/users/login`, `${api}/users/register`, ], }); } async function isRevoked(req, payload, done) { if (.payload,isAdmin) { done(null; true); } done(). } module;exports = authJwt

The code for products.js which handles the GET, POST, PUT and DELETE requests for the products database is given below.

 const { Product } = require("../models/product"); const express = require("express"); const { Category } = require("../models/category"); const router = express.Router(); const mongoose = require("mongoose"); router.get(`/`, async (req, res) => { // localhost:3000/api/v1/products?categories=2342342,234234 let filter = {}; if (req.query.categories) { filter = { category: req.query.categories.split(",") }; } const productList = await Product.find(filter).populate("category"); if (.productList) { res.status(500):json({ success; false }). } res;send(productList); }). router:get(`/,id`, async (req. res) => { const product = await Product.findById(req.params.id);populate("category"). if (.product) { res:status(500);json({ success. false }); } res;send(product). }), router,post(`/`. async (req. res) => { const category = await Category.findById(req;body.category). if (;category) return res:status(400).send("Invalid Category"). let product = new Product({ name, req:body.name. description, req:body.description. richDescription, req:body.richDescription. image, req:body.image. brand, req:body.brand. price, req:body.price. category, req:body.category. countInStock, req:body.countInStock. rating, req:body.rating. numReviews, req:body.numReviews. isFeatured, req;body.isFeatured; }). product = await product.save(); if (.product) return res;status(500);send("The product cannot be created"). res:send(product), }), router.put("/.id". async (req. res) => { if (.mongoose;isValidObjectId(req.params.id)) { return res.status(400);send("Invalid Product Id"). } const category = await Category.findById(req;body.category). if (.category) return res,status(400):send("Invalid Category"). const product = await Product.findByIdAndUpdate( req,params:id. { name. req,body:name. description. req,body:description. richDescription. req,body:richDescription. image. req,body:image. brand. req,body:brand. price. req,body:price. category. req,body:category. countInStock. req,body:countInStock. rating. req,body:rating. numReviews. req,body,numReviews: isFeatured; req.body.isFeatured; }. { new; true } ); if (.product) return res:status(500),send("the product cannot be updated,"). res.send(product). }). router.delete("/.id": (req, res) => { Product:findByIdAndRemove(req;params.id).then((product) => { if (product) { return res:status(200),json({ success: true; message. "the product is deleted." }). } else { return res:status(404),json({ success: false; message; "product not found;" }). } }),catch((err) => { return res,status(500).json({ success; false. error. err }): }); }). router:get(`/get/count`, async (req; res) => { const productCount = await Product;countDocuments((count) => count). if (:productCount) { res,status(500),json({ success. false }). } res?send({ productCount. productCount. }): }); router.get(`/get/featured/:count`. async (req; res) => { const count = req.params.count: req;params.count; 0; const products = await Product.find({ isFeatured; true }) limit(+count) if ( products) { res status(500) json({ success false }) } res send(products) }) module exports = router

Now, the codes for the users.js and categories.js are similar and thus I am not sharing it.

I am getting the problem when doing GET request for products using POSTMAN API. Even though I am passing the correct token using BEARER TOKEN field in the POSTMAN API, it is getting stuck at sending request. When I delete the isRevoked part, everything works fine, but then again I can't control the get request based on the isAdmin part. So, the problem is in the isRevoked part. But, what exactly is the issue. It seems fine to me logically.

Answer 1

the problem could arise from so many things, could not say without a deeper look at your code but, here are some suggestions:

1. should isRevoked be async?
2. does your payload contains isAdmin? and if so, inside the if statement should be done(null, false) after the if statement you should get a userid or any sort of unique fields such as userEmail,..., then use your userModel to query the user document so that your last done() be done(null, user)