Javascript Nestjs passport jwt: ignore the JWT signature

Tags: javascript, typescript, passport.js, nestjs, passport-jwt

I can't pass any secret here, because it is stored in Redis per user, and before I can look up a user's secret by their id I have to parse the token body. I'm using NestJS for the architecture. Is there an elegant solution that doesn't require me to write a whole copy of the strategy myself?

```typescript
import { Injectable } from '@nestjs/common';
import { JwtService } from '@nestjs/jwt';
import { PassportStrategy } from '@nestjs/passport';
import { ExtractJwt, Strategy } from 'passport-jwt';

// AuthService and UserType are the project's own; findUserSecret(sub) returns the
// per-user HMAC secret kept in Redis.
@Injectable()
export class JwtStrategy extends PassportStrategy(Strategy) {
  constructor(private authService: AuthService) {
    super({
      jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
      ignoreExpiration: false,
      secretOrKey: ???, // there is no single secret to put here
      passReqToCallback: true,
    });
  }

  async validate(req: any, payload: UserType): Promise<UserType> {
    try {
      const token = ExtractJwt.fromAuthHeaderAsBearerToken()(req);

      const [header, body] = token.split('.');

      // JWT segments are base64url-encoded JSON: decode them (btoa would encode).
      const headerJSON = JSON.parse(Buffer.from(header, 'base64url').toString('utf8')) as { alg: string };
      const bodyJSON = JSON.parse(Buffer.from(body, 'base64url').toString('utf8')) as UserType;

      // The header is untrusted until the signature checks out, so it may only be
      // used to reject algorithms we never issue, never to choose the algorithm.
      if (headerJSON.alg !== 'HS256') {
        throw new Error(`unexpected alg ${headerJSON.alg}`);
      }

      const sub = bodyJSON.sub;

      // Per-user secret, looked up by the still-unverified sub claim.
      const secret = await this.authService.findUserSecret(sub);

      const jwt = new JwtService({ secret });

      // Verify with the algorithm pinned server-side; JwtService.verify is
      // synchronous, verifyAsync is the awaitable form.
      await jwt.verifyAsync(token, {
        algorithms: ['HS256'],
      });

      return payload;
    } catch (e) {
      return Promise.reject();
    }
  }
}
```

Did some more research and found this:

```typescript
      // Goes in the super({ ... }) options in place of secretOrKey. passport-jwt
      // calls it before verifying and waits for done(err, secret). `authService`
      // is the constructor parameter, which is in scope inside the super() call.
      secretOrKeyProvider(request: any, rawJwtToken: string, done: any) {
        try {
          const [, body] = rawJwtToken.split('.');

          // Decode (not btoa-encode) the base64url body; sub is still unverified here,
          // it only selects which secret the signature is checked against.
          const bodyJSON = JSON.parse(Buffer.from(body, 'base64url').toString('utf8')) as UserType;

          const { sub } = bodyJSON;

          authService
            .findUserSecret(sub)
            .then(secret => secret || Promise.reject(new Error('unknown user')))
            .then(secret => done(null, secret))
            .catch(error => done(error, null));
        } catch (error) {
          done(error, null); // malformed token segment: fail closed
        }
      },
```