时间戳

首页 > 解决方案 > JWT Token 不以 Bearer String 开头,并且在发送时以 Bearer 开头的公理

javascript - JWT Token 不以 Bearer String 开头,并且在发送时以 Bearer 开头的公理

问题描述

我正在尝试发送一个发布请求,该请求在标头中发送令牌并作为字符串发送。问题是在后端验证标头给了我错误JWT Token does not begin with Bearer String

下面是相关代码。

前端

    getUser() {
        if (token != null) {
            const config = {
                headers: { Authorization: `Bearer ${token}` }
            };

            const formData = new FormData();
            formData.set("token", token);
            
            axios.post("http://localhost:8080/user/token", formData,config)
                .then((function (response) {
                    if (response.data.email !== null) {

                        sessionStorage.setItem("role", response.data.role);
                        sessionStorage.setItem("userId", response.data.id);
                        sessionStorage.setItem("name", response.data.name);

                        location.reload(true)
                        document.getElementById('loginResult').innerHTML = response.data.token;
                    }

                }));
        }

    }

后端

  protected void configure(HttpSecurity httpSecurity) throws Exception {
              // We don't need CSRF for this example
        httpSecurity
                .csrf().disable()
              // dont authenticate this particular request
                .authorizeRequests()
                .antMatchers("/authenticate").permitAll()
                .antMatchers("/events").permitAll()
                .antMatchers("/events/**").hasAnyAuthority("ADMIN","VENDOR")
                .antMatchers("/event-photos/**").permitAll()
                .antMatchers("/user/**").hasAnyAuthority("ADMIN","VENDOR")
                .anyRequest().authenticated()
                .and()
             // make sure we use stateless session; session won't be used to
             // store user's state.
               .exceptionHandling()
                .authenticationEntryPoint(jwtAuthenticationEntryPoint)
                .and().sessionManagement()
                .sessionCreationPolicy(SessionCreationPolicy.STATELESS);

             // Add a filter to validate the tokens with every request
        httpSecurity.addFilterBefore(jwtRequestFilter, UsernamePasswordAuthenticationFilter.class);

    }

    @PostMapping("user/token")
    public @ResponseBody User getUser(@RequestParam("token") String token){
        String email=jwtTokenUtil.getUsernameFromToken(token);
        User user=userRepository.getUserByUsername(email);
        return user ;
    }

谷歌检查图片的请求

标签: javascriptjavaaxios

解决方案

如果要Bearer在正文中的标记前面添加,可以添加:

formData.set("token", `Bearer ${token}`);

推荐阅读