令牌无效:JsonWebTokenError:jwt malformed nodejs
我正在学习如何使用NodeJS,同时遵循一个在线教程,我在标题错误中遇到了问题。
我正在使用最新版本的NodeJS和jsonwebtokenauthentication。
这是我如何生成令牌:
router.post('/login', (req, res) => { // Check if username was provided if (!req.body.username) { res.json({ success: false, message: 'No username was provided' }); // Return error } else { // Check if password was provided if (!req.body.password) { res.json({ success: false, message: 'No password was provided.' }); // Return error } else { // Check if username exists in database User.findOne({ username: req.body.username.toLowerCase() }, (err, user) => { // Check if error was found if (err) { res.json({ success: false, message: err }); // Return error } else { // Check if username was found if (!user) { res.json({ success: false, message: 'Username not found.' }); // Return error } else { const validPassword = User.comparePassword(req.body.password, user.password); // Compare password provided to password in database // Check if password is a match if (!validPassword) { res.json({ success: false, message: 'Password invalid' }); // Return error } else { const token = jwt.sign({ userId: user._id }, 'goodsecret', { expiresIn: '24h' }); // Create a token for client res.json({ success: true, message: 'Success!', token: token, user: { username: user.username } }); // Return success and token to frontend } } } }); } } }); 在这里,我如何评估它:
const jwt = require('jsonwebtoken'); /* ================================================ MIDDLEWARE - Used to grab user's token from headers ================================================ */ router.use((req, res, next) => { const token = req.headers.authorization; // Create token found in headers // Check if token was found in headers if (!token) { res.json({ success: false, message: 'No token provided' }); // Return error } else { // Verify the token is valid console.log(token); jwt.verify(token, 'goodsecret', (err, decoded) => { // Check if error is expired or invalid if (err) { res.json({ success: false, message: 'Token invalid: ' + err }); // Return error for token validation } else { req.decoded = decoded; // Create global variable to use in any request beyond next(); // Exit middleware } }); } }); /* =============================================================== Route to get user's profile data =============================================================== */ router.get('/profile', (req, res) => { // Search for user in database User.findOne({ _id: req.decoded.userId }).select('username email').exec((err, user) => { // Check if error connecting if (err) { res.json({ success: false, message: err }); // Return error } else { // Check if user was found in database if (!user) { res.json({ success: false, message: 'User not found' }); // Return error, user was not found in db } else { res.json({ success: true, user: user }); // Return success, send user object to frontend for profile } } }); });
每当我尝试从HttpRequester生成一个请求,发送令牌,我得到的标题错误。 我发送的令牌是
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VySWQiOiI1OWRlMTYzNTMwOWY2NDM1YjBjOWRmM2UiLCJpYXQiOjE1MDc3NDMzODYsImV4cCI6MTUwNzgyOTc4Nn0.uJwpYN7IHYg_lmCVCpFg-zfo0QVPglEvWHs7SD9cPkg
并在https://jwt.io/它工作正常,使用秘密'goodsecret'在代码中。 我错过了什么?
这是我如何生成请求的屏幕。
感谢您的帮助