[英]How to Pass Cognito JWT Token in HttpInteceptor in Angular
我目前有一个使用 Cognito 进行用户登录和身份验证的应用程序
这就是我用于用户身份验证的内容
import { Injectable } from '@angular/core';
import { BehaviorSubject } from 'rxjs';
import Amplify, { Auth } from 'aws-amplify';
import { environment } from '../environments/environment';
export interface IUser {
email: string;
password: string;
showPassword: boolean;
code: string;
name: string;
}
@Injectable({
providedIn: 'root',
})
export class CognitoService {
private authenticationSubject: BehaviorSubject<any>;
Tokentest: string = '';
constructor() {
Amplify.configure({
Auth: environment.cognito
});
this.authenticationSubject = new BehaviorSubject<boolean>(false);
}
public signUp(user: IUser): Promise<any> {
return Auth.signUp({
username: user.email,
password: user.password,
});
}
public confirmSignUp(user: IUser): Promise<any> {
return Auth.confirmSignUp(user.email, user.code);
}
public signIn(user: IUser): Promise<any> {
return Auth.signIn(user.email, user.password)
.then((user) => {
this.authenticationSubject.next(true);
let Token = user.getSignInUserSession().getAccessToken().getJwtToken();
console.log(Token);
this.Tokentest = Token;
});
}
public signOut(): Promise<any> {
return Auth.signOut()
.then(() => {
this.authenticationSubject.next(false);
});
}
public isAuthenticated(): Promise<boolean> {
if (this.authenticationSubject.value) {
return Promise.resolve(true);
} else {
return this.getUser()
.then((user: any) => {
if (user) {
return true;
} else {
return false;
}
}).catch(() => {
return false;
});
}
}
public getUser(): Promise<any> {
return Auth.currentUserInfo();
}
public updateUser(user: IUser): Promise<any> {
return Auth.currentUserPoolUser()
.then((cognitoUser: any) => {
return Auth.updateUserAttributes(cognitoUser, user);
});
}
}
然后我有一个令牌拦截器服务,它查看任何 http 请求并在 header 中传递 jwt 令牌
import { HttpEvent, HttpHandler, HttpInterceptor, HttpRequest } from '@angular/common/http';
import { Injectable } from '@angular/core';
import { Observable } from 'rxjs';
import Amplify, { Auth} from 'aws-amplify';
import { IUser, CognitoService } from '../cognito.service';
@Injectable({
providedIn: 'root'
})
export class TokenInteceptorService implements HttpInterceptor {
constructor() { }
intercept(req: HttpRequest<any>, next: HttpHandler): Observable<HttpEvent<any>> {
///
let token = localStorage.getItem('{the key for the jwt token}')
let jwttoken = req.clone({
setHeaders:{
Authorization: 'Bearer ' + token
}
})
return next.handle(jwttoken);
}
}
我的问题是,到目前为止,我已经使用getItem获取了在localStorage中设置的令牌值的密钥,并将该密钥值传递给 header。
如果我有多个用户,这将不起作用,因为每个密钥都会不同。
无论谁登录,我 go 如何通过拦截器传递 jwt 令牌。
任何帮助将不胜感激
您应该将您的 CognitoService 注入您的拦截器,如下所示:
import {
HttpEvent,
HttpHandler,
HttpInterceptor,
HttpRequest,
} from '@angular/common/http';
import { Injectable } from '@angular/core';
import { Observable, from, switchMap } from 'rxjs';
import Amplify, { Auth } from 'aws-amplify';
import { IUser, CognitoService } from '../cognito.service';
@Injectable({
providedIn: 'root',
})
export class TokenInteceptorService implements HttpInterceptor {
constructor(private readonly _cognitoService: CognitoService) {}
intercept(
req: HttpRequest<any>,
next: HttpHandler
): Observable<HttpEvent<any>> {
//
return from(this._cognitoService.getSession()).pipe(
switchMap((session) => {
let jwttoken = req.clone({
setHeaders: {
Authorization: 'Bearer ' + session.accessToken.jwtToken,
},
});
return next.handle(jwttoken);
})
);
}
}
然后在您的 CognitoService 中,您必须提供getSession() function:
import { Injectable } from '@angular/core';
import { BehaviorSubject } from 'rxjs';
import Amplify, { Auth } from 'aws-amplify';
import { environment } from '../environments/environment';
export interface IUser {
email: string;
password: string;
showPassword: boolean;
code: string;
name: string;
}
@Injectable({
providedIn: 'root',
})
export class CognitoService {
private authenticationSubject: BehaviorSubject<any>;
Tokentest: string = '';
constructor() {
Amplify.configure({
Auth: environment.cognito,
});
this.authenticationSubject = new BehaviorSubject<boolean>(false);
}
public signUp(user: IUser): Promise<any> {
return Auth.signUp({
username: user.email,
password: user.password,
});
}
public confirmSignUp(user: IUser): Promise<any> {
return Auth.confirmSignUp(user.email, user.code);
}
public signIn(user: IUser): Promise<any> {
return Auth.signIn(user.email, user.password).then((user) => {
this.authenticationSubject.next(true);
let Token = user.getSignInUserSession().getAccessToken().getJwtToken();
console.log(Token);
this.Tokentest = Token;
});
}
public signOut(): Promise<any> {
return Auth.signOut().then(() => {
this.authenticationSubject.next(false);
});
}
public isAuthenticated(): Promise<boolean> {
if (this.authenticationSubject.value) {
return Promise.resolve(true);
} else {
return this.getUser()
.then((user: any) => {
if (user) {
return true;
} else {
return false;
}
})
.catch(() => {
return false;
});
}
}
public getUser(): Promise<any> {
return Auth.currentUserInfo();
}
public getSession(): Promise<any> {
return Auth.currentSession();
}
public updateUser(user: IUser): Promise<any> {
return Auth.currentUserPoolUser().then((cognitoUser: any) => {
return Auth.updateUserAttributes(cognitoUser, user);
});
}
}
一个提示:您还应该检查您的类型。 将any设置为类型通常不是一个好的做法。
AWS Cognito 如何在收到授权码后查询 JWT 令牌
[英]AWS Cognito how to query for the JWT Token after receiving an authorization code
如何将 AWS Cognito 令牌添加到 Angular Http 拦截器
[英]How to add AWS Cognito token to the Angular Http Interceptor
AWS Cognito - 使用 JWT 与 cognito.getUser SDK 验证令牌
[英]AWS Cognito - verify token using JWT vs cognito.getUser SDK
AWS Cognito JWT 身份验证适用于 ID 令牌,但不适用于访问令牌? 返回 401
[英]AWS Cognito JWT authentication works with the ID Token, but not the Access Token? Returns 401
在预身份验证用户的情况下如何使用 amazon cognito 获取刷新令牌
[英]How to get refresh token using amazon cognito in case of Preauthenticated User
如何使用 swift 从 AuthCognitoTokensProvider 检索 Cognito 令牌
[英]How to retrieve Cognito token from AuthCognitoTokensProvider using swift
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.