为什么我不能将 JWT 令牌传递给我的 swagger

why I can't pass a JWT token to my swagger

提问人:Tom 提问时间:11/9/2023 更新时间:11/11/2023 访问量:32

问:

我正在尝试向我的 swagger 发送令牌以验证自己的身份,但它没有收到任何内容。我有一个 /connect 路由,它允许我生成一个令牌,然后生成一个 /get 路由以在控制器中使用此令牌。但是当我发送我的令牌时,没有任何反应,它要么告诉我没有令牌,要么告诉我我的令牌是空的。

这是我的大摇大摆:

{
  "swagger": "2.0",
  "info": {
    "title": "Documentation API",
    "version": "1.0.0",
    "description": "API pour un site de gestion de reservations pour 3 chambres d'hôtes chez un particulier."
  },

  "servers": [
    {
      "url": "http://localhost:5000/",
      "description": "Development server"
    }
  ],
  "paths": {
    "/clients/get": {
      "get": {
        "tags": [
          "Clients"
        ],
        "description": "",
        "security": [
          {
            "Bearer": [] 
          }
        ],

        "responses": {
          "200": {
            "description": "OK"
          },
          "401": {
            "description": "Unauthorized"
          },
          "404": {
            "description": "Not Found"
          }
        }
      }
    },
    "/clients/connect": {
      "post": {
        "tags": [
          "Clients"
        ],
        "description": "Connectez-vous en utilisant un email et un mot de passe.",
        "parameters": [
          {
            "in": "formData",
            "name": "email",
            "type": "string",
            "required": true,
            "description": "Votre email"
          },
          {
            "in": "formData",
            "name": "password",
            "type": "string",
            "required": true,
            "description": "Votre mot de passe"
          }
        ],
        "responses": {
          "200": {
            "description": "OK"
          },
          "404": {
            "description": "Not Found"
          }
        }
      }
    },


  "securityDefinitions": {
    "Bearer": {
      "type": "apiKey",
      "name": "Authorization",
      "in": "header"
    }
  },

"security": {
  "Bearer": []
}


我已经尝试过使用安全承载者身份验证,但它不起作用。

这是我的 /get 函数:

const findOneClients = async (req, res) => {
    try {
        const token = req.header('Authorization');
        if (!token) {
            return res.status(401).send({ Error: 'Token JWT manquant dans l\'en-tête Authorization' });
        }

        const decodedToken = jwt.verify( token.split(' ')[1], process.env.TOKEN_SECRET);

        const id = decodedToken.id;
        const client = await Client.findOne({ id: id });
        
        if (!client) {
            return res.status(404).send({ Error: `Aucun client trouvé avec l'ID : ${id}` });
        }
        // Decrypter adresse
        const decryptAdresse = crypto.AES.decrypt(client.adresse, process.env.CRYPTO_SECRET);
        client.adresse = decryptAdresse.toString(crypto.enc.Utf8);

        // Decrypter ville
        const decryptVille = crypto.AES.decrypt(client.ville, process.env.CRYPTO_SECRET);
        client.ville = decryptVille.toString(crypto.enc.Utf8);

        // Decrypter code postal
        const decryptCodePostal = crypto.AES.decrypt(client.codePostal, process.env.CRYPTO_SECRET);
        client.codePostal = decryptCodePostal.toString(crypto.enc.Utf8);

        // Decrypter telephone
        const decryptTelephone = crypto.AES.decrypt(client.telephone, process.env.CRYPTO_SECRET);
        client.telephone = decryptTelephone.toString(crypto.enc.Utf8);
        
        return res.status(200).json(client);
    } catch (e) {
        addLog("error", e, "client.controller.js");
    }
};

有人有想法吗?

javascript node.js json swagger swagger-ui

评论


答:

0赞 Azat Antonyan 11/11/2023 #1

如果使用 JWT 授权,则应该有一些配置字段,而不仅仅是空白 [] 括号

 "securitySchemes":{
         "bearer":{
            "scheme":"bearer",
            "bearerFormat":"JWT",
            "type":"http"
         }
      },

Swagger 文档

并将安全性设置为某些端点或全局应用于所有端点