时间戳

首页 > 解决方案 > NodeJs JWT 护照

node.js - NodeJs JWT 护照

问题描述

我使用带有护照身份验证 JWT 的 nodejs。我可以创建 JWT 令牌,但如果我使用 passport.authenticate('jwt') 保护我的路线,它就不起作用并且我有错误。

我的错误:TypeError: Cannot read property '_id' of undefined at JwtStrategy._verify (D:\Programes\nodejs\node\CRUD_NodeAngular5\NodeServer\config\passport.js:15:39) at D:\Programes\nodejs\node \CRUD_NodeAngular5\NodeServer\node_modules\passport-jwt\lib\strategy.js:110:26 在 D:\Programes\nodejs\node\CRUD_NodeAngular5\NodeServer\node_modules\passport-jwt\node_modules\jsonwebtoken\verify.js:27: 18 在 _combinedTickCallback (internal/process/next_tick.js:131:7) 在 process._tickCallback (internal/process/next_tick.js:180:9)

Passport.js

var JwtStrategy     = require('passport-jwt').Strategy;
var ExtractJwt      = require('passport-jwt').ExtractJwt;

var User            = require('../models/User');
var config          = require('./database');
module.exports = function(passport) {
    var opts = {};
    opts.jwtFromRequest = ExtractJwt.fromAuthHeader();
    opts.secretOrKey = config.secret;
    passport.use(new JwtStrategy(opts, function(jwt_payload, done) {
        User.findById(jwt_payload.$__._id, function(err, user) {
            if (err) {
                return done(err, false);
            }
            if (user) {
                done(null, user);
            } else {
                done(null, false);
            }
        });
    }));
};

登录

router.post('/login', function(req, res) {
    User.findOne({ email: req.body.email }, function(err, user) {
        if (err) throw err;
        if (!user) {
            res.send({ success: false, message: 'Authentication failed. User not found.' });
            console.log('User not found');
        } else {
            user.comparePassword(req.body.password, function(err, isMatch) {
                if (isMatch && !err) {
                    var token = jwt.sign(user.toJSON(), config.secret, {expiresIn: 1000 }); 
                    var decoded = jwt.decode(token);
                    console.log(decoded);
                    res.json({ success: true, token:'JWT ' + token, decoded:  decoded });
                    console.log('Connected : ' + token);
                } else {
                    res.send({ success: false, message: 'Authentication failed. Passwords did not match.' });
                    console.log('Password is wrong');
                }
            });
        }
    });
});

路线仪表板不起作用

router.get('/dashboard', passport.authenticate('jwt', { session: false }), function(req, res) {
    res.send('It worked! User id is: ' );
});

标签: node.jsjwt

解决方案

让我们清理您的代码,这很简单:- 第 1 步:创建配置文件并加载您保留路线的位置

var checkAuth = require('../config/check-auth');

Step2:复制粘贴到check-auth

const jwt  = require('jsonwebtoken');

    module.exports = (req,res,next)=>{
    try{
        const token  = req.headers.authorization.split(" ")[1];
        const decoded  = jwt.verify(token,"secret");
        req.userData = decoded;
        next();
    }catch(error){
        return res.status(401).json({message:'Auth failed'});
          }
    }

第 3 步:保护您的路线

router.get('/dashboard',checkAuth , { session: false }), 
function(req, res) {
    res.send('It worked! User id is: ' );
});

通过将 checkAuth 作为参数传递来保护您的所有路由

推荐阅读