Node.js Nodejs身份验证中间件不工作
我正在学习一种使用应用程序级中间件对所有API进行身份验证的新方法。我研究了多个例子。我尝试了以下代码作为方法之一 下面是我的代码,我正在编写firebase函数,并且已经有了必要的字段。我使用“firebase服务”在本地托管我的函数Node.js Nodejs身份验证中间件不工作,node.js,firebase,express,firebase-authentication,google-cloud-functions,Node.js,Firebase,Express,Firebase Authentication,Google Cloud Functions,我正在学习一种使用应用程序级中间件对所有API进行身份验证的新方法。我研究了多个例子。我尝试了以下代码作为方法之一 下面是我的代码,我正在编写firebase函数,并且已经有了必要的字段。我使用“firebase服务”在本地托管我的函数 const express = require('express') const bodyParser = require('body-parser') const cookieParser = require('cookie-parser')() const
const express = require('express')
const bodyParser = require('body-parser')
const cookieParser = require('cookie-parser')()
const cors = require('cors')({ origin: true })
const app = express()
const router = express.Router()
app.use(cors)
app.use(cookieParser)
app.use(bodyParser.json())
app.use(bodyParser.urlencoded({ extended: false }))
app.use(async (err, req, res, next) => {
console.log('Middleware')
try {
const { authorization } = req.headers
if (!authorization) {
throw new ErrorHandler(401, "User is not unathorized")
}
if (!authorization.startsWith('Bearer')) {
throw new ErrorHandler(401, "User is not unathorized")
}
const split = authorization.split('Bearer ')
if (split.length !== 2) {
throw new ErrorHandler(401, "User is not unathorized")
}
const token = split[1]
const decodedToken = await admin.auth().verifyIdToken(token);
res.setHeader("email", decodedToken.email)
next()
} catch (error) {
console.log("END")
next(error)
}
});
router.get('/', (req, res) => {
res.end(`${Date.now()}`)
})
router.post('/data', async (req, res, next) => {
res.setHeader("Content-Type", "application/json")
console.log('DATA')
try {
// my other logic goes here
res.end()
} catch (error) {
next(error)
}
})
app.use('/api', router)
app.use((err, req, res, next) => {
if (err) {
handleError(err, res);
}
console.log(JSON.stringify(req.body))
});
exports.app = functions.https.onRequest(app)
我已经创建了一个名为app的云函数。我使用的API如下所示:
http://localhost:5000/app/api/data
我已经编写了一个中间件,用于授权即将发布的所有API。中间件正在获取承载令牌,令牌正在firebase的帮助下进行验证
但是,当我从postman或web调用“/api/data”这个api时,不会调用中间件。出于调试目的,我使用console.log进行检查
我当前的流程是邮递员->数据
我想要的是:
邮递员->中间件(如果经过身份验证)->数据
邮递员->中间件(如果未经验证)->结束
请让我知道我的代码有什么问题。从中间件中删除err参数,将其设置为错误处理程序而不是中间件,这就是代码无法执行的原因, 下面的代码将在每次访问/api路由时执行处理程序
const express = require('express')
const bodyParser = require('body-parser')
const cookieParser = require('cookie-parser')()
const cors = require('cors')({ origin: true })
const app = express()
const router = express.Router()
app.use(cors)
app.use(cookieParser)
app.use(bodyParser.json())
app.use(bodyParser.urlencoded({ extended: false }))
app.use(async (req, res, next) => {
console.log('Middleware')
try {
const { authorization } = req.headers
if (!authorization) {
throw new ErrorHandler(401, "User is not unathorized")
}
if (!authorization.startsWith('Bearer')) {
throw new ErrorHandler(401, "User is not unathorized")
}
const split = authorization.split('Bearer ')
if (split.length !== 2) {
throw new ErrorHandler(401, "User is not unathorized")
}
const token = split[1]
const decodedToken = await admin.auth().verifyIdToken(token);
res.setHeader("email", decodedToken.email)
next()
} catch (error) {
console.log("END")
next(error)
}
});
router.get('/', (req, res) => {
res.end(`${Date.now()}`)
})
router.post('/data', async (req, res, next) => {
res.setHeader("Content-Type", "application/json")
console.log('DATA')
try {
// my other logic goes here
res.end()
} catch (error) {
next(error)
}
})
app.use('/api', router)
app.use((err, req, res, next) => {
if (err) {
handleError(err, res);
}
console.log(JSON.stringify(req.body))
});
exports.app = functions.https.onRequest(app)
从中间件中删除err参数,将其设置为错误处理程序而不是中间件,这就是代码未执行的原因, 下面的代码将在每次访问/api路由时执行处理程序
const express = require('express')
const bodyParser = require('body-parser')
const cookieParser = require('cookie-parser')()
const cors = require('cors')({ origin: true })
const app = express()
const router = express.Router()
app.use(cors)
app.use(cookieParser)
app.use(bodyParser.json())
app.use(bodyParser.urlencoded({ extended: false }))
app.use(async (req, res, next) => {
console.log('Middleware')
try {
const { authorization } = req.headers
if (!authorization) {
throw new ErrorHandler(401, "User is not unathorized")
}
if (!authorization.startsWith('Bearer')) {
throw new ErrorHandler(401, "User is not unathorized")
}
const split = authorization.split('Bearer ')
if (split.length !== 2) {
throw new ErrorHandler(401, "User is not unathorized")
}
const token = split[1]
const decodedToken = await admin.auth().verifyIdToken(token);
res.setHeader("email", decodedToken.email)
next()
} catch (error) {
console.log("END")
next(error)
}
});
router.get('/', (req, res) => {
res.end(`${Date.now()}`)
})
router.post('/data', async (req, res, next) => {
res.setHeader("Content-Type", "application/json")
console.log('DATA')
try {
// my other logic goes here
res.end()
} catch (error) {
next(error)
}
})
app.use('/api', router)
app.use((err, req, res, next) => {
if (err) {
handleError(err, res);
}
console.log(JSON.stringify(req.body))
});
exports.app = functions.https.onRequest(app)
请编辑该问题,以更详细地解释什么没有按您期望的方式工作。“你有调试日志输出来帮助理解发生了什么吗?”DougStevenson更新了我的问题。如果您有更多疑问,请告诉我。请编辑问题,以更详细地解释哪些问题没有按照您期望的方式工作。“你有调试日志输出来帮助理解发生了什么吗?”DougStevenson更新了我的问题。如果你更怀疑我,请告诉我,我真是太蠢了。我一点也没看到。非常感谢。天哪,我真傻。我一点也没看到。谢谢。