Node.js 会话存储中的Jwt验证在后端进行反应
我有一个api,用于登录和生成JWT 正常运行时,我将jwt保存在会话存储中:Node.js 会话存储中的Jwt验证在后端进行反应,node.js,reactjs,jwt,Node.js,Reactjs,Jwt,我有一个api,用于登录和生成JWT 正常运行时,我将jwt保存在会话存储中: getDate = () => { console.log(JSON.parse(sessionStorage.getItem('token'))); const data = {token: sessionStorage.getItem('token')}; const requestInfo = { method:'GET',
getDate = () => {
console.log(JSON.parse(sessionStorage.getItem('token')));
const data = {token: sessionStorage.getItem('token')};
const requestInfo = {
method:'GET',
body: JSON.stringify({data}),
headers: new Headers({
'Content-Type': 'application/json',
'jwt': sessionStorage.getItem('token')
}),
};
console.log('chegouaq');
fetch('http://localhost:9000/users', requestInfo)
.then(response => {
console.log('chegouaq2');
if(response.ok){
return response.json();
}
throw new Error("Token Invalido..")
})
.then(data => {
console.log(JSON.stringify(data));
return;
})
.catch(e => {
this.setState({message: e.message})
console.error(e);
});
}
我通过head发送jwt,但我遇到了麻烦,我不知道如何用API验证它
我的路由器/用户:
app.route('/users')
.all(app.auth.authenticate())
.get((req,res)=>{
usersController
.getAll()
.then(data => {
res.json(data);
})
.catch(error=>{
console.log(error);
res.status(400);
});
})
.all(app.auth.authenticate())
这就是我的护照策略
这就是我的策略:
const strategy = new Strategy(options,(payload, done) => {
Users
.findOne({where: payload.id})
.then(user => {
if(user){
return done(null,{
id: user.id,
login: user.login
});
}
return done(null,false);
})
.catch(error => done(error,null));
});
passport.use(strategy);
return {
initialize: () => passport.initialize(),
authenticate: () => passport.authenticate('jwt', jwtConfig.session)
};
}
我不知道如何将jwt发送到验证
我的主app.js:
const express = require('express');
const bodyParser = require('body-parser');
const indexRouter = require('./routes/index');
const usersRouter = require('./routes/users');
const authRouter = require('./routes/auth');
const authorization = require('./auth');
const config = require('./config/config');
const datasource = require('./config/datasource');
const Email = require('./utils/email');
const app = express();
const port = 9000;
app.set('port',port);
app.config = config;
app.email = new Email(app.config);
app.datasource = datasource(app);
console.log(app.config);
app.use(bodyParser.json({
limit: '5mb'
}));
app.use(function(req, res, next) {
res.header("Access-Control-Allow-Origin", "*");
res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
next();
});
const auth = authorization(app);
app.use(auth.initialize());
app.auth = auth;
indexRouter(app);
usersRouter(app);
authRouter(app);
module.exports = app;
尝试更新授权标头,如下所示:
headers: new Headers({
'Content-Type': 'application/json',
'Authorization': 'Bearer ' + sessionStorage.getItem('token')
}),
我试图更改此设置,但仍然存在以下错误:index.js:14 OPTIONS 401(未经授权),从源站“”获取“”的访问已被CORS策略阻止:对飞行前请求的响应未通过访问控制检查:它没有HTTP ok状态。ok,这是CORS问题,而不是JWT在现阶段的问题。您正在从localhost:3000发布到localhost:9000-这是一个原因还是一个代码输入错误?我不这么认为,我的路由/登录有相同的cors问题,但我将此添加到了我的app.js app.use(function(req,res,next){res.header(“访问控制允许源代码”,“*”);res.header(“访问控制允许头文件”,“Origin,X-Requested-With,Content-Type,Accept”);next();});您能确认express应用程序正在运行哪个端口吗?我编辑了问题并将我的main.app放在端口9000上