当我使用'passport.authenticate('jwt',{session:false})'在路由中时,它将返回"未经授权"。护照中间件似乎不起作用。我不知道怎么了!在标题中,我正在使用"授权:jwt my_token"。
app.js文件
// ...code
const app = express();
app.use(bodyParser.json());
app.use(passport.initialize());
require('./config/passport')(passport); // passport middleware file
app.use('/api/auth', auth); // routes
app.use('/api/lists', lists); // routes
。
护照中间件文件:
const { Strategy, ExtractJwt } = require('passport-jwt');
const User = require('../models/User');
const keys = require('./keys');
module.exports = (passport) => {
const opts = {};
opts.jwtFromRequest = ExtractJwt.fromAuthHeaderAsBearerToken();
opts.secretOrKey = 'MYSECRETKEY';
// HERE IS EXECUTED! <<<<<<<<
passport.use(new Strategy(opts, function(jwt_payload, done) {
// HERE IS NOT BEING EXECUTED! <<<<<<<<
User.findOne({_id: jwt_payload.id}, function(err, user) {
if (err) {
return done(err, false);
}
if (user) {
return done(null, user);
} else {
return done(null, false);
}
});
}));
}
。
登录路由(创建令牌):
router.post('/login', (req, res, next) => {
const { email, } = req.body;
User.findOne({ email: email }, { password: 0 }, (errQuery, resUser) => {
const token = jwt.sign({_id: resUser.id}, 'MYSECRETKEY');
const responseData = {
status: true,
token: `JWT ${token}`
};
res.send(responseData);
});
});
问题是该行:
opts.jwtFromRequest = ExtractJwt.fromAuthHeaderAsBearerToken();
由于您正在调用该配置选项,因此您的标题需要看起来像:
Authorization: Bearer MY_TOKEN