提问人:Ahmed Adel 提问时间:11/17/2023 更新时间:11/17/2023 访问量:21
JWTGuard 在使用正确的令牌时总是返回 401 unauthorized
JWTGuard always returning 401 unauthorized when using the correct token
问:
我是 Nestjs 的初学者 在我的用户控制器中使用 JWTGuard 进行所有 CRUD 操作时,它总是返回 401 未授权错误 这是我的智威汤逊策略
import { PassportStrategy } from "@nestjs/passport";
import { JwtPayload } from "jsonwebtoken";
import { ExtractJwt, Strategy } from "passport-jwt";
export class JwtStrategy extends PassportStrategy(Strategy, 'jwt') {
constructor() {
super({
jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
secretOrKey: `${process.env.SECRET}`,
ignoreExpiration: false,
});
}
async validate(payload: JwtPayload) {
console.log('JWT Strategy - Validate: ', payload);
return { user: payload.sub, username: payload.username }
}
}
这是我的authService
import { Injectable } from '@nestjs/common';
import { UserService } from 'src/user/user.service';
import * as bcrypt from 'bcrypt'
import { User } from 'src/user/schemas/user_schema';
import { JwtService } from '@nestjs/jwt';
@Injectable()
export class AuthService {
constructor(
private readonly userService: UserService,
private jwtService: JwtService) { }
async validateUser(email: string, password: string) {
const user = await this.userService.findOneWithEmail(email)
if (user && await bcrypt.compare(password, user.password)) {
const { password, ...result } = user
return result;
}
return null;
}
async login(user: User) {
const payload = {
username: user.email,
sub: {
name: user.name
}
}
user.password = undefined
return {
...user,
accessToken: this.jwtService.sign(payload),
refreshToken: this.jwtService.sign(payload, { expiresIn: '1d' }),
}
}
async refreshToken(user: User) {
const payload = {
username: user.email,
sub: {
name: user.name,
},
};
return {
accessToken: this.jwtService.sign(payload),
};
}
}
这是我的用户控制器
import { Controller, Get, Post, Body, Patch, Param, Delete, ValidationPipe, UsePipes, Res, Redirect, Request, UseGuards, Query } from '@nestjs/common';
import { UserService } from './user.service';
import { CreateUserDto } from './dto/create-user.dto';
import { UpdateUserDto } from './dto/update-user.dto';
import { JwtGuard } from 'src/auth/guards/jwt-auth.guard';
import { AuthService } from 'src/auth/auth.service';
import { Query as ExpressQuery } from 'express-serve-static-core';
@Controller('user')
export class UserController {
constructor(
private readonly userService: UserService,
private authService: AuthService) { }
@Post('register')
@UsePipes(new ValidationPipe({ transform: true }))
register(@Body() createUserDto: CreateUserDto) {
return this.userService.register(createUserDto);
}
@Post('login')
@UsePipes(ValidationPipe)
@Redirect('/auth/login')
async login(@Request() req) { }
@UseGuards(JwtGuard)
@Get()
findAll(@Query() query: ExpressQuery) {
return this.userService.findAll(query);
}
@UseGuards(JwtGuard)
@Get(':id')
findOne(@Param('id') id: string) {
return this.userService.findOne(id);
}
@UseGuards(JwtGuard)
@Patch()
update(@Body() updateUserDto: UpdateUserDto) {
return this.userService.update(updateUserDto);
}
@UseGuards(JwtGuard)
@Delete(':id')
remove(@Param('id') userId: string, @Body('id') deleteId: string) {
return this.userService.remove(userId, deleteId);
}
}
这是我的用户模块
import { Module } from '@nestjs/common';
import { UserService } from './user.service';
import { UserController } from './user.controller';
import { JwtModule } from '@nestjs/jwt';
import { User, UserSchema } from './schemas/user_schema';
import { MongooseModule } from '@nestjs/mongoose';
import { PasswordService } from 'src/password/password.service';
import { JwtStrategy } from 'src/auth/strategies/jwt-strategy';
import { AuthModule } from 'src/auth/auth.module';
import { PassportModule } from '@nestjs/passport';
import { AuthService } from 'src/auth/auth.service';
@Module({
imports: [
MongooseModule.forFeature([{ name: User.name, schema: UserSchema }]),
JwtModule.register({
secret: `${process.env.SECRET}`,
signOptions: { expiresIn: '1h' },
}),
AuthModule,
],
controllers: [UserController],
providers: [UserService, PasswordService, JwtStrategy, PassportModule, AuthService],
})
export class UserModule { }
这是我的
import { Module } from '@nestjs/common';
import { AuthService } from './auth.service';
import { AuthController } from './auth.controller';
import { UserService } from 'src/user/user.service';
import { JwtModule, JwtService } from '@nestjs/jwt';
import { LocalStrategy } from './strategies/local-strategies';
import { MongooseModule } from '@nestjs/mongoose';
import { User, UserSchema } from 'src/user/schemas/user_schema';
import { PasswordService } from 'src/password/password.service';
import { PassportModule } from '@nestjs/passport';
import { JwtStrategy } from './strategies/jwt-strategy';
import { RefreshJwtStrategy } from './strategies/refreshToken.strategy';
@Module({
providers: [
AuthService,
UserService,
LocalStrategy,
PasswordService,
JwtStrategy,
RefreshJwtStrategy
],
controllers: [AuthController],
imports: [
MongooseModule.forFeature([{ name: User.name, schema: UserSchema }]),
JwtModule.register({
secret: `${process.env.SECRET}`,
signOptions: { expiresIn: '1d' },
}),
PassportModule],
exports: [AuthService, LocalStrategy, JwtStrategy],
})
export class AuthModule { }
据我所知,知道当地警卫在登录后工作正常
我尝试重新检查令牌 确保 .env 文件正常工作
答:
0赞
Ali Hajiloo
11/22/2023
#1
在护照中,您只允许使用,您不能使用电子邮件function verify(username, password)
更改字段名称的唯一方法是:username
export class LocalStrategy extends PassportStrategy(Strategy, 'jwt') { constructor() { super({ jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(), secretOrKey: `${process.env.SECRET}`, ignoreExpiration: false, usernameField: 'email', passwordField: 'password', }); } async validate( email: string, password: string, ): Promise<any> { if(password === true){ console.log('JWT Strategy - Validate: ', payload); return { user: payload.sub, username: payload.username } } } }
评论