Node.js - Express.js JWT 总是在浏览器响应中返回一个无效的令牌错误

Node.js - Express.js JWT always returns an invalid token error in browser response(Node.js - Express.js JWT 总是在浏览器响应中返回一个无效的令牌错误)
本文介绍了Node.js - Express.js JWT 总是在浏览器响应中返回一个无效的令牌错误的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着跟版网的小编来一起学习吧!

问题描述

我将 node.js 和 express.js 与

var expressJwt = require('express-jwt');var jwt = require('jsonwebtoken');var SECRET = 'shhhhhhared-secret';app.use('/api', expressJwt({secret: SECRET}));app.post('/authenticate', function (req, res) {//TODO 验证 req.body.username 和 req.body.password//如果无效,返回401if (!(req.body.username === 'john.doe' && req.body.password === 'foobar')) {res.send(401, '错误的用户或密码');返回;}变量配置文件 = {first_name: '约翰',姓氏:'Doe',电子邮件:'john@doe.com',编号:123};//我们在令牌内发送配置文件var token = jwt.sign(profile, SECRET, { expiresIn: 18000 });//60*5 分钟res.json({ token: token });});app.get('/api/protected',函数(请求,资源){res.json(req.user);});

I'm using node.js and express.js with the express-jwt module, and I have set up a simple HTTP server to test everything:

This is the node code involved:

 app.set('port', process.env.PORT || 3000);
    app.use(express.methodOverride());
    app.use(allow_cross_domain);
    app.use('/api', expressJwt({secret: '09qrjjwef923jnrge$5ndjwk'}));
    app.use(express.json());
    app.use(express.urlencoded());
    app.use('/', express.static(__dirname + '/'));
    app.use(function(err, req, res, next){
      if (err.constructor.name === 'UnauthorizedError') {
        res.send(401, 'Unauthorized');
      }
    });

    app.get('login',function(req,res){

    //...
    jwt.sign(results.username+results.email, secret, { expiresInMinutes: 9000000000*9393939393393939393939 });
    });

    app.post('api/profile',function(req,res){
     console.log(req.user); // this return undefined in console
     res.send(req.user); // response is pending and dunno why it returns error in browser console
    });

So once I open the /login URL I get logged in and I send the session token to api/post, which returns this response error in the browser console:

{"error":{"message":"invalid signature","code":"invalid_token","status":401,"inner":{}}}

I don't understand why this is happening, because the token stored in the front-end and the token in JWT are the same. What could be the reason for this error?

An example of headers POSTed to the api/post URL:

解决方案

Here is an example

http://blog.auth0.com/2014/01/07/angularjs-authentication-with-cookies-vs-token/

var expressJwt = require('express-jwt');
var jwt = require('jsonwebtoken');

var SECRET = 'shhhhhhared-secret';

app.use('/api', expressJwt({secret: SECRET}));

app.post('/authenticate', function (req, res) {
  //TODO validate req.body.username and req.body.password
  //if is invalid, return 401
  if (!(req.body.username === 'john.doe' && req.body.password === 'foobar')) {
    res.send(401, 'Wrong user or password');
    return;
  }

  var profile = {
    first_name: 'John',
    last_name: 'Doe',
    email: 'john@doe.com',
    id: 123
  };

  // We are sending the profile inside the token
  var token = jwt.sign(profile, SECRET, { expiresIn: 18000 }); // 60*5 minutes

  res.json({ token: token });
});

app.get('/api/protected', 
  function(req, res) {  
    res.json(req.user);
  });

这篇关于Node.js - Express.js JWT 总是在浏览器响应中返回一个无效的令牌错误的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持跟版网!

本站部分内容来源互联网,如果有图片或者内容侵犯您的权益请联系我们删除!

相关文档推荐

Using discord.js to detect image and respond(使用 discord.js 检测图像并响应)
Check if user ID exists in Discord server(检查 Discord 服务器中是否存在用户 ID)
Guild Member Add does not work (discordjs)(公会成员添加不起作用(discordjs))
Creating my first bot using REPLIT but always error Discord.JS(使用 REPLIT 创建我的第一个机器人,但总是错误 Discord.JS)
How do I code event/command handlers for my Discord.js bot?(如何为我的 Discord.js 机器人编写事件/命令处理程序?)
How to find a User ID from a Username in Discord.js?(如何从 Discord.js 中的用户名中查找用户 ID?)