错误:401(未授权),Passport身份validation在节点中
Passport身份validation中间件在这里使用,从loginapi我有一个jwt令牌生成,它发送到API http:// localhost:3030 / home / in标题,但它的投掷
错误
angular.js:12587 POST http:// localhost:3030 / home / 401(未经授权)。
{“data”:“Unauthorized”,“status”:401,“config”:{“method”:“POST”,“transformRequest”:[null],“transformResponse”:[ null],“jsonpCallbackParam”:“callback”,“url”:“ http:// localhost:3030 / home / ”,“headers”:{“Accept”:“application / json,text / plain, / ”}} “状态文本”:“未授权”}
route.js
module.exports = function(app , passport){ app.use('/login',userCtrl); app.use('/register',registerCtrl); app.use('/home', passport.authenticate('jwt', { session: false }) , homerCtrl); };
passposrt.js
var JwtStrategy = require('passport-jwt').Strategy, ExtractJwt = require("passport-jwt").ExtractJwt; var config = require('./appConfig.js'); module.exports = function(passport){ var jwtOptions = {} jwtOptions.jwtFromRequest = ExtractJwt.fromAuthHeader(); jwtOptions.secretOrKey = config.secret; var strategy = new JwtStrategy(jwtOptions, function(jwt_payload, next) { var user = users[_.findIndex(users, {id: jwt_payload.id})]; if (user) { next(null, user); } else { next(null, false); } }); passport.use(strategy); }
家庭控制器
var mongoose = require("mongoose"); var User = mongoose.model("user"); var express = require("express"); var jwt = require('jsonwebtoken'); var config = require('./../config/appConfig.js'); //Type 1 using router var router = express.Router(); router.post('/' , function(req, res, next){ var formData = req.body; getUserData(formData , function(user){ res.json({ "responseMessage" : "Home Api Sucess" }); }); }); function getUserData(formData , cb){ User.findOne({username : formData.username}).then(function(user){ cb(user); }).catch(function(err){ cb(err); }); } module.exports = router;
login控制器
var router = express.Router(); router.post('/' , function(req, res, next){ var formData = req.body; var username = req.body.username; var password = req.body.password; getUserData(formData , function(user){ if(user){ user.verifyPassword(password , function(err, isMatch){ if(isMatch){ var token = createToken(user); res.json({ "responseMessage" : "Login Sucess" , "token" :token}); }else{ res.json({ "responseMessage" : "Login Failed" }); } }) }else{ res.json({ "responseMessage" : "Login Failed" }); } }); }); function createToken(user){ var payload = {id: user.name}; var token = jwt.sign(payload, config.secret); return "JWT " +token; } function getUserData(formData , cb){ User.findOne({username : formData.username}).then(function(user){ cb(user); }).catch(function(err){ cb(err); }); }
在passport.js
取代
jwtOptions.jwtFromRequest = ExtractJwt.fromAuthHeader();
同
jwtOptions.jwtFromRequest = ExtractJwt.fromAuthHeaderWithScheme('JWT');
您必须为每个受保护的路由发送授权标头。
看邮递员的例子:
PS:您必须在login过程中创build一个JWT令牌。
希望它可以帮助你。
- Node.js / Express将全部redirect到angular度2页面
- Node azure blobService.generateSharedAccessSignature()返回一个不正确的标记
- firebase.auth()。createUserWithEmailAndPassword Undefined不是一个函数
- Node.js中使用http.client进行摘要式身份validation的问题
- Mongoose:CastError:强制转换为ObjectId在path“_id”处的值“me”失败
- 使用Flux / React应用程序存储authentication详细信息
- 节点 – Passport Auth – Authed Post路由在表单提交时挂起
- sails-auth模块给出“不能读取属性'loadStrategies'的未定义的”
- NodeJS – 使用Active Directory进行身份validation
- 如何从第三方node.js服务器validationGame Center用户
- 套接字build立后的socket.ioauthentication