Node.js Express JWT身份验证中间件错误:Next不是函数
我正在构建一个前端应用程序,除了JWT之外,它还使用2FA来授权经过身份验证的帐户。中间件的设置如下所示:Node.js Express JWT身份验证中间件错误:Next不是函数,node.js,express,authentication,jwt,express-jwt,Node.js,Express,Authentication,Jwt,Express Jwt,我正在构建一个前端应用程序,除了JWT之外,它还使用2FA来授权经过身份验证的帐户。中间件的设置如下所示: const router = require('express').Router() const jwt = require('jsonwebtoken') const exjwt = require('express-jwt') const jwtMW = exjwt({ secret: 'testing out a secret', }) const getBearerTok
const router = require('express').Router()
const jwt = require('jsonwebtoken')
const exjwt = require('express-jwt')
const jwtMW = exjwt({
secret: 'testing out a secret',
})
const getBearerToken = (header, callback) => {
if (header) {
console.log(header)
const token = header.split(' ')
if (token) {
return callback(null, token[0])
} else {
return callback('Malformed bearer token', null)
}
} else {
return callback('Missing authorization header', null)
}
}
const validateToken = (req, res, next) => {
getBearerToken(req.headers['authorization'], (error, token) => {
if (error) {
return res.status(401).json({ success: false, message: error })
}
jwt.verify(token, jwtMW, (error, decodedToken) => {
if (error) {
return res.status(401).send({
success: false,
error: 'Invalid authorization token',
})
}
if (decodedToken.authorized) {
req.decodedToken = decodedToken
next()
} else {
return res
.status(401)
.send({ success: false, error: '2fa is required' })
}
})
})
}
我在受保护的路线上运行它,如下所示:
router.get('/:id/profile', validateToken, (req, res) => {
User.findById(req.params.id)
.then(user => res.json(user))
.catch(err => res.status(400).json('Error: ' + err))
})
编辑,附加路线
还有另一条获取令牌的路径:
router.post('/verifycheck', (req, res) => {
let tel = `+1${req.body.tel}`
const code = req.body.code
getBearerToken(req.headers['authorization'], (error, token) => {
if (error) {
console.log(error)
return res.status(401).json({ success: false, message: error })
}
if (!code) {
return res.status(401).json({
success: false,
message: 'A verification code is required',
})
}
jwt.verify(token, jwtMW, (error, decodedToken) => {
// client refers to Twilio Verify service //
client.verify
.services('xxxxxxxxxxxxxxxxxxxxx')
.verificationChecks.create({ to: tel, code: code })
.then(verification_check => {
console.log(error)
console.log(decodedToken)
if (verification_check.valid) {
decodedToken.authorized = true
console.log(decodedToken)
var token = jwt.sign(decodedToken, jwtMW, {
expiresIn: 129600,
})
return res.json({ verification_check, token })
} else {
return res.status(401).json({
success: false,
message: 'Invalid verification code',
})
}
})
.catch(err => {
res.json(err.message)
console.log(err)
})
})
})
})
它抛出一个错误,使服务器崩溃,说
TypeError: next is not a function
at middleware (D:\Users\Capstone Design\Desktop\learningmongodb\mern-rod\node_modules\express-jwt\lib\index.js:76:16)
at Object.module.exports [as verify] (D:\Users\Capstone Design\Desktop\learningmongodb\mern-rod\node_modules\jsonwebtoken\verify.js:94:10)
at getBearerToken (D:\Users\Capstone Design\Desktop\learningmongodb\mern-rod\backend\routes\index.js:109:13)
at getBearerToken (D:\Users\Capstone Design\Desktop\learningmongodb\mern-rod\backend\routes\index.js:22:20)
at router.post (D:\Users\Capstone Design\Desktop\learningmongodb\mern-rod\backend\routes\index.js:97:5)
我知道错误发生在哪里,但我不确定如何修复此错误
编辑
我意识到jwt.verify不接受回调作为参数。当我删除回调函数并在try/catch语句中运行verify函数时,一切正常
const validateToken = (req, res, next) => {
getBearerToken(req.headers['authorization'], (error, token) => {
if (error) {
return res.status(401).json({ success: false, message: error })
}
let decoded = ''
try {
decoded = jwt.verify(token, 'testing out a secret')
} catch (error) {
return res.status(401).send({
success: false,
error: 'Invalid authorization token',
})
}
if (decoded.authorized) {
req.decodedToken = decoded
next()
} else {
return res
.status(401)
.send({ success: false, error: '2fa is required' })
}
})
}
您是否已导出您的
validateToken
并将其导入到您的router
文件中?@titustiofanpula validateToken函数是在路由器文件中定义的。为什么要分离该代码?在这个问题中,为什么不发布该路径中的所有代码,这样我们就可以知道问题出在哪里了。也许您可以更新问题中的代码。@titusutiofanpula这是使用此身份验证中间件的唯一路径。路由非常简单,我想看看如何声明router
变量。