CakePHP 3 JWT Auth gives a 401 Unauthorized error


I am using CakePHP 3.6 and JWT Auth to enable token-based authentication in my application; the frontend is written in Angular 6.

My login controller is as follows

<?php
namespace App\Controller\Api;

use Cake\Event\Event;
use Cake\Http\Exception\UnauthorizedException;
use Cake\Utility\Security;
use Crud\Controller\Component\CrudComponent;
use Firebase\JWT\JWT;

class UsersController extends AppController
{
    public function initialize()
    {
        parent::initialize();
        $this->Auth->allow(['add', 'token']);
    }

    public function token()
    {
        $user = $this->Auth->identify();
        if (!$user) {
            throw new UnauthorizedException('Invalid username or password');
        }

        $this->set([
            'success' => true,
            'data' => [
                'token_type' => 'Bearer',
                'expires_in' => 604800,
                'token' => JWT::encode([
                    'sub' => $user['id'],
                    // 'exp' => time() + 604800
                ],
                    Security::getSalt())
            ],
            '_serialize' => ['success', 'data']
        ]);
    }
}

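The request/response headers have the token

What I have tried

  • I tried disabling exp when generating the access token
  • Tried disabling debug in the CakePHP application

It works perfectly fine when the CakePHP server application is run locally.

Try this rule in .htaccess (if mod_rewrite is activated):

With the Bitnami LAMP stack (for example on an AWS EC2 instance), the php-fpm module filters the headers of every request, and the "Authorization" header gets screwed up

With this line you can force the creation of the $HTTP variable with the original Authorization header


Check in your CakePHP code if you are receiving Authorization in the headers.

Do some debugging in the authentication code to determine exactly where it exits; that may hint at the cause.
@Anuj TBE: any solution?
Also check your htaccess for any http to https redirects. Please remove those redirects.
Check $_SERVER in your CakePHP action.
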
<?php
use Cake\Controller\Controller;

class AppController extends Controller
{
    use \Crud\Controller\ControllerTrait;

    public function initialize()
    {
        parent::initialize();

        $this->loadComponent('RequestHandler');
        $this->loadComponent('Crud.Crud', [
            'actions' => [
                'Crud.Index',
                'Crud.View',
                'Crud.Add',
                'Crud.Edit',
                'Crud.Delete'
            ],
            'listeners' => [
                'Crud.Api',
                'Crud.ApiPagination'
            ]
        ]);

        $this->loadComponent('Auth', [
            'storage' => 'Memory',
            'authenticate' => [
                'Form' => [
                    'fields' => [
                        'username' => 'email',
                        'password' => 'password'
                    ],
                    'finder' => 'auth'
                ],
                'ADmad/JwtAuth.Jwt' => [
                    'parameter' => 'token',
                    'userModel' => 'Users',
                    'finder' => 'auth',
                    'fields' => [
                        'username' => 'id'
                    ],
                    'queryDatasource' => true
                ]
            ],
            'unauthorizedRedirect' => false,
            'checkAuthIn' => 'Controller.initialize'
        ]);
    }

}
401: Unauthorized access
SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
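
One way to carry out the check suggested in the replies (does the Authorization header reach PHP at all, and under which key), as an added example that is not part of the original question or answers. The function name `locateBearerToken` and the sample arrays are hypothetical and constructed for illustration.

```php
<?php
// Added diagnostic example; function name and sample data are hypothetical.

/**
 * Report under which key (if any) a Bearer token reached PHP.
 * Returns ['source' => string|null, 'token' => string|null].
 */
function locateBearerToken(array $server, array $headers = []): array
{
    // Server variables where Apache/CGI/FPM setups commonly expose the header.
    $candidates = [
        'HTTP_AUTHORIZATION' => $server['HTTP_AUTHORIZATION'] ?? null,
        'REDIRECT_HTTP_AUTHORIZATION' => $server['REDIRECT_HTTP_AUTHORIZATION'] ?? null,
    ];
    // Raw request headers (e.g. from getallheaders()), matched case-insensitively.
    foreach ($headers as $name => $value) {
        if (strcasecmp((string)$name, 'Authorization') === 0) {
            $candidates['request header'] = $value;
        }
    }
    foreach ($candidates as $source => $value) {
        if (is_string($value) && preg_match('/^Bearer\s+(\S+)$/i', trim($value), $m)) {
            return ['source' => $source, 'token' => $m[1]];
        }
    }
    return ['source' => null, 'token' => null];
}

// Constructed samples: header stripped by the server vs. restored by the SetEnvIf rule.
$stripped = ['REQUEST_METHOD' => 'GET', 'HTTP_ACCEPT' => 'application/json'];
$restored = $stripped + ['HTTP_AUTHORIZATION' => 'Bearer aaa.bbb.ccc'];

foreach (['stripped' => $stripped, 'restored' => $restored] as $label => $sample) {
    $found = locateBearerToken($sample);
    // Report only the source and the token length, never the token itself.
    printf(
        "%s: %s\n",
        $label,
        $found['source'] === null
            ? 'no Authorization header reached PHP'
            : sprintf('found in %s (%d chars)', $found['source'], strlen($found['token']))
    );
}
// In a controller action, call locateBearerToken($_SERVER, getallheaders()) instead.
```

If the deployed server reports no source while the browser's network tab shows the header being sent, the header is being dropped before PHP and the 401 is not caused by the token or the CakePHP configuration.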