Node.js: hapi-auth-jwt2 is not working in a hapi.js application?

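I have just started learning. I am trying to understand the auth code and how it works. For this, I followed

After that, when I call the API from Postman, I don't get any output.

This is my server.js file, which I run with node server.js: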

'use strict';

const Hapi = require('@hapi/hapi');
const jwt = require('jsonwebtoken');
const people = {
  1: {
       id: 1,
       name: 'Jen Jones'
  }
};

// bring your own validation function
const validate = async function (decoded, request, h) {
  // do your checks to see if the person is valid    
  if (!people[decoded.id]) {
      return { isValid: false };
  }
  else {
      return { isValid: true };
  }
};

const init = async () => {
  const server = Hapi.server({
      port: 3000,
      host: 'localhost'
  });
  await server.register(require('hapi-auth-jwt2'));
  server.auth.strategy('test', 'jwt',
      {
          key: 'GSFDSFJDSKGJD;GJRTWERIUEWFJDKL;GVCXVNMXCVCNVS;DLGFJKGFJDHGJFKHGJERHTKERHERJHTKREHJ', // Random String
          validate,
          verifyOptions: { algorithms: ['HS256'] }
    });
  server.auth.default('test');


  server.route([
    {
        method: 'GET',
        path: '/restricted',
        config: {
            auth: 'test'
        },
        handler: function (request, h) {
            console.log("request.headers.authorization ::: ", request.headers.authorization);
            const response = h.response({ text: 'You used a Token!' });
            response.header("Authorization", request.headers.authorization);
            return response;
        }
    }
  ]);


  await server.start();
  return server;
};

process.on('unhandledRejection', (err) => {

  console.log(err);
  process.exit(1);
});

init().then(server => {
  console.log('Server running at:', server.info.uri);
})
.catch(err => {
   console.log(err);
});

From Postman


You need to create a token for each user using the (secret) key, like this:

const jwt = require('jsonwebtoken');

(async() => {
  const key = 'GSFDSFJDSKGJD;GJRTWERIUEWFJDKL;GVCXVNMXCVCNVS;DLGFJKGFJDHGJFKHGJERHTKERHERJHTKREHJ';
  const payload = { id: 1, name: 'Jen Jones' };
  const token = await jwt.sign(payload, key);
  console.log(token);
})();

Here is the token for the given payload:

$ node auth.js
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MSwibmFtZSI6IkplbiBKb25lcyIsImlhdCI6MTU3ODQ5MzQwOH0._kFvxkURRmzq4DgAEzAURca9yIv6KCf7MsolCiWsmRY
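
The token contains the payload, which is checked again in validate by using the same key (actually, just id would be enough). Now access the restricted route using the token of the user {id:1,name:'Jen Jones'}: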

$ curl -v -H "Authorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MSwibmFtZSI6IkplbiBKb25lcyIsImlhdCI6MTU3ODQ5MzQwOH0._kFvxkURRmzq4DgAEzAURca9yIv6KCf7MsolCiWsmRY"   http://localhost:3000/restricted
*   Trying 127.0.0.1...
* TCP_NODELAY set
* Connected to localhost (127.0.0.1) port 3000 (#0)
> GET /restricted HTTP/1.1
> Host: localhost:3000
> User-Agent: curl/7.58.0
> Accept: */*
> Authorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MSwibmFtZSI6IkplbiBKb25lcyIsImlhdCI6MTU3ODQ5MzQwOH0._kFvxkURRmzq4DgAEzAURca9yIv6KCf7MsolCiWsmRY
> 
< HTTP/1.1 200 OK
< authorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MSwibmFtZSI6IkplbiBKb25lcyIsImlhdCI6MTU3ODQ5MzQwOH0._kFvxkURRmzq4DgAEzAURca9yIv6KCf7MsolCiWsmRY
< content-type: application/json; charset=utf-8
< cache-control: no-cache
< content-length: 28
< accept-ranges: bytes
< Date: Wed, 08 Jan 2020 14:26:04 GMT
< Connection: keep-alive
< 
* Connection #0 to host localhost left intact
{"text":"You used a Token!"}
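
One of the key goals of an authentication scheme (such as the hapi-auth-jwt2 plugin/module) is to reject any request to a given route as early as possible, to avoid consuming resources on the server. Therefore, any request without a valid JWT is rejected and never reaches the validate function.

To see any kind of console.log, you need to send a well-formed HTTP request that contains a JWT in a header, cookie, or query parameter.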

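Hey @pzaenger, I hope you are doing well. I checked your answer and it works well for me. Thank you for your answer and for explaining to me how it works. I understand the code quite well except for the validate function. My question is: I just call the validate function without passing the 3 parameters. So how does it know the parameters, and how does it decode the token? As far as I understand, we have defined server.auth.strategy('test'),… which includes the key. In addition, we set server.auth.default('test'), so when any authentication procedure runs, it can access the key directly from the default. That way the application can decode the token directly. Please let me know if I am heading in the wrong direction.

Glad I could help you :) Your explanation is good and mostly correct. Maybe taking a look at it and its documentation can help you understand it fully.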
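
The order of operations described in the second answer and asked about in the comments, as an added example that is not part of the original thread and not hapi-auth-jwt2's own code: a simplified stand-in built on Node's crypto module that checks the pinned algorithm and the HS256 signature first, and only then calls a validate function with the decoded payload. The key and the names signHS256, verifyHS256 and authenticate are hypothetical, constructed for this sketch.

```javascript
const crypto = require('crypto');

const b64url = (buf) => Buffer.from(buf).toString('base64url');
const hmac = (data, key) => crypto.createHmac('sha256', key).update(data).digest();

// Constructed sample data: a throwaway key and the page's single-user table.
const KEY = 'constructed-demo-key-not-a-real-secret';
const people = { 1: { id: 1, name: 'Jen Jones' } };

// Build an HS256 token: base64url(header).base64url(payload).base64url(HMAC).
function signHS256(payload, key) {
  const head = b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' }));
  const body = b64url(JSON.stringify(payload));
  return `${head}.${body}.${b64url(hmac(`${head}.${body}`, key))}`;
}

// Step 1 (the auth scheme's job): pin the algorithm, then check the signature.
// Returns the decoded payload, or null if the token must be rejected.
function verifyHS256(token, key, algorithms = ['HS256']) {
  const parts = String(token).split('.');
  if (parts.length !== 3) return null;
  try {
    const header = JSON.parse(Buffer.from(parts[0], 'base64url').toString());
    if (!algorithms.includes(header.alg)) return null; // e.g. alg "none"
    const expected = hmac(`${parts[0]}.${parts[1]}`, key);
    const given = Buffer.from(parts[2], 'base64url');
    if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) return null;
    return JSON.parse(Buffer.from(parts[1], 'base64url').toString());
  } catch {
    return null; // malformed base64 or JSON
  }
}

// Step 2 (application code): same shape as the validate function on the page.
const validate = async (decoded, request, h) => ({ isValid: Boolean(people[decoded.id]) });

// Verify first; validate only runs for tokens whose signature checked out.
// The header carries the bare token, as in the curl call on the page.
async function authenticate(request, key) {
  const decoded = verifyHS256(request.headers.authorization, key);
  if (!decoded) return { status: 401, validateCalled: false };
  const { isValid } = await validate(decoded, request, null);
  return { status: isValid ? 200 : 401, validateCalled: true };
}

// Demo run: one signed request and one request without a token.
const demoToken = signHS256({ id: 1, name: 'Jen Jones' }, KEY);
authenticate({ headers: { authorization: demoToken } }, KEY).then(console.log);
authenticate({ headers: {} }, KEY).then(console.log);
```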