Authentication 无法理解JWT auth(Phoenix)中的解构
我正在使用Comeonin和JWT auth的Guardian建立一个模式,我在Phoenix看到了一些API身份验证的地方 当我从CURL发布到MyApp.sessioncontroller.create/2时,正如我预期的那样,我从MyApp.Session.authenticate/1获得了一个用户响应。然而,我应该把它分解成{:好的,jwt,{u full_claims},然后通过管道传送到卫报。我使用IO.inspect user查看用户对象并得到以下错误: 终端:Authentication 无法理解JWT auth(Phoenix)中的解构,authentication,elixir,jwt,phoenix-framework,destructuring,Authentication,Elixir,Jwt,Phoenix Framework,Destructuring,我正在使用Comeonin和JWT auth的Guardian建立一个模式,我在Phoenix看到了一些API身份验证的地方 当我从CURL发布到MyApp.sessioncontroller.create/2时,正如我预期的那样,我从MyApp.Session.authenticate/1获得了一个用户响应。然而,我应该把它分解成{:好的,jwt,{u full_claims},然后通过管道传送到卫报。我使用IO.inspect user查看用户对象并得到以下错误: 终端: curl -H "
curl -H "Content-Type: application/json" -X POST -d '{"email":"me@myapp.com","password":"password", "session":{"email":"mark@myapp.com", "password":"password"}}' http://localhost:4000/api/v1/sessions
当我在IEX中检查用户时,我看到:
%MyApp.User{__meta__: #Ecto.Schema.Metadata<:loaded, "users">, avatar_url: nil,
email: "me@myapp.com", handle: "me", id: 2,
inserted_at: ~N[2017-08-22 18:26:10.000033], password: nil,
password_hash: "$2b$12$LpJTWWEEUzrkkzu2w9sRheGHkh0YOgUIOkLluk05StlmTP6EiyPA6",
updated_at: ~N[2017-08-22 18:26:10.007796]}
编辑:添加监护人信息
#config/config.exs
config :guardian, Guardian,
issuer: "MyApp",
ttl: { 30, :days},
verify_issuer: true,
secret_key: "abc123",
serializer: MyApp.GuardianSerializer
{:好的,jwt,_full_claims}是调用Guardian.encode_和_signuser,:token返回的值。这是链接到的教程中的原始代码:
{:ok, jwt, _full_claims} = user
|> Guardian.encode_and_sign(:token)
这与:
{:ok, jwt, _full_claims} = Guardian.encode_and_sign(user, :token)
另一方面,您的代码执行{:ok,jwt,_full_claims}=user,下一行是一条新语句。如果要检查用户并仍执行教程中的操作,可以执行以下操作:
{:ok, jwt, _full_claims} = user
|> IO.inspect
|> Guardian.encode_and_sign(:token)
IO.inspect返回打印后传递的值,因此此代码的功能与教程相同,只是它也将打印用户的值。user只是用户,而不是3元组{:ok,jwt,_full_claims},因此模式匹配失败。你能链接到你复制它的代码吗?如果他们的代码正常工作,肯定会有一些不同的情况发生。您可能有一些配置不正确的内容。请参阅@alenm中的config.exs在上面的编辑中添加了它
# web/services/session.ex
defmodule MyApp.Session do
alias MyApp.{Repo, User}
import Bcrypt
def authenticate(%{"email" => email, "password" => password}) do
case Repo.get_by(User, email: email) do
nil ->
:error
user ->
case verify_password(password, user.password_hash) do
true ->
{:ok, user}
_ ->
:error
end
end
end
defp verify_password(password, pw_hash) do
Comeonin.Bcrypt.checkpw(password, pw_hash)
end
end
# lib/MyApp/User.ex
defmodule MyApp.User do
use MyApp.Web, :model
schema "users" do
field :email, :string
field :handle, :string
field :password_hash, :string
field :avatar_url, :string
field :password, :string, virtual: true
timestamps
end
def changeset(model, params \\ :empty) do
model
|> cast(params, [:email, :handle, :password_hash, :password, :avatar_url])
|> validate_required([:email])
|> validate_length(:email, min: 1, max: 255)
|> validate_format(:email, ~r/@/)
end
#config/config.exs
config :guardian, Guardian,
issuer: "MyApp",
ttl: { 30, :days},
verify_issuer: true,
secret_key: "abc123",
serializer: MyApp.GuardianSerializer
#lib/MyApp/guardian_serializer.ex
defmodule MyApp.GuardianSerializer do
@behaviour Guardian.Serializer
alias MyApp.Repo
alias MyApp.User
def for_token(user = %User{}), do: {:ok, "User:#{user.id}"}
def for_token(_), do: {:error, "Unknown resource type"}
def from_token("User:" <> id), do: {:ok, Repo.get(User, id)}
def from_token(_), do: {:error, "Unknown resource type"}
end
{:ok, jwt, _full_claims} = user
|> Guardian.encode_and_sign(:token)
{:ok, jwt, _full_claims} = Guardian.encode_and_sign(user, :token)
{:ok, jwt, _full_claims} = user
|> IO.inspect
|> Guardian.encode_and_sign(:token)