Feathersjs撤销JWT';他正在使用Redis
使用Redis的Feathersjs 使用所提供的示例无法实现预期结果,令牌未被吊销。它正在重新验证,无法找出缺少的内容。需要帮助,如何撤销JWT令牌Feathersjs撤销JWT';他正在使用Redis,redis,jwt,feathersjs,Redis,Jwt,Feathersjs,使用Redis的Feathersjs 使用所提供的示例无法实现预期结果,令牌未被吊销。它正在重新验证,无法找出缺少的内容。需要帮助,如何撤销JWT令牌 链接-有redis示例。成功撤销了JWT使用redis的行为。 下面是相同的代码 redis.ts redis-authentication.ts 身份验证.ts 从'@feathersjs/feathers'导入{ServiceAddons}; 从'@feathersjs/authentication'导入{AuthenticationServ
链接-有redis示例。成功撤销了JWT使用redis的行为。 下面是相同的代码 redis.ts redis-authentication.ts 身份验证.ts
从'@feathersjs/feathers'导入{ServiceAddons};
从'@feathersjs/authentication'导入{AuthenticationService,JWTStrategy};
从'@featherjs/authentication local'导入{LocalStrategy};
从'@feathersjs/authentication oauth'导入{expressOauth};
从“./declarations”导入{Application};
从“/redis authentication”导入{RedisAuthenticationService};
声明模块'./declarations'{
接口服务类型{
“身份验证”:AuthenticationService和ServiceAddons;
}
}
导出默认值(应用程序:应用程序)=>{
const authentication=新的重新认证服务(app);
authentication.register('jwt',new JWTStrategy());
authentication.register('local',new LocalStrategy());
应用程序使用('/authentication',authentication);
app.configure(expressOauth());
};
谢谢你的回答,只是不明白我们是如何撤销它的?
import * as redis from 'redis';
import { Application } from './declarations';
import logger from './logger';
export default (app: Application) => {
const { connection } = app.get('redis');
const redisClient: redis.RedisClient = redis.createClient(connection);
redisClient.on('connect', () => {
logger.info('redis connected on %s:%d', connection.host, connection.port);
});
app.set('redisClient', redisClient);
};
import { promisify } from 'util';
import { AuthenticationService, AuthenticationResult, AuthenticationRequest } from '@feathersjs/authentication';
import { Application } from './declarations';
import { Params } from '@feathersjs/feathers';
import { NotAuthenticated } from '@feathersjs/errors';
import logger from './logger';
export class RedisAuthenticationService extends AuthenticationService {
redis: any;
constructor(app: Application, configKey?: string) {
super(app, configKey);
const redisClient = app.get('redisClient');
// Promise wrapper for Redis client
this.redis = {
redisClient,
get: promisify(redisClient.get.bind(redisClient)),
set: promisify(redisClient.set.bind(redisClient)),
exists: promisify(redisClient.exists.bind(redisClient)),
expire: promisify(redisClient.expire.bind(redisClient))
};
}
async revokeAccessToken(accessToken: any) {
// First make sure the access token is valid
const verified = await this.verifyAccessToken(accessToken);
// Calculate the remaining valid time for the token (in seconds)
const expiry = verified.exp - Math.floor(Date.now() / 1000);
// Add the revoked token to Redis and set expiration
await this.redis.set(accessToken, 'true');
await this.redis.expire(accessToken, expiry);
return verified;
}
async verifyAccessToken(accessToken: any) {
if (await this.redis.exists(accessToken)) {
throw new NotAuthenticated('Token revoked');
}
return super.verifyAccessToken(accessToken);
}
async remove(id: string, params: Params) {
const authResult = await super.remove(id, params);
const { accessToken } = authResult;
if (accessToken) {
// If there is an access token, revoke it
await this.revokeAccessToken(accessToken);
}
return authResult;
}
}
import { ServiceAddons } from '@feathersjs/feathers';
import { AuthenticationService, JWTStrategy } from '@feathersjs/authentication';
import { LocalStrategy } from '@feathersjs/authentication-local';
import { expressOauth } from '@feathersjs/authentication-oauth';
import { Application } from './declarations';
import { RedisAuthenticationService } from './redis-authentication';
declare module './declarations' {
interface ServiceTypes {
'authentication': AuthenticationService & ServiceAddons<any>;
}
}
export default (app: Application) => {
const authentication = new RedisAuthenticationService(app);
authentication.register('jwt', new JWTStrategy());
authentication.register('local', new LocalStrategy());
app.use('/authentication', authentication);
app.configure(expressOauth());
};