Ruby on rails &引用;“没有可用的验证密钥”;当试图访问由Desive JWT保护的API时
我已经安装了gemRuby on rails &引用;“没有可用的验证密钥”;当试图访问由Desive JWT保护的API时,ruby-on-rails,devise,devise-jwt,Ruby On Rails,Devise,Devise Jwt,我已经安装了gemdesigne jwt。我可以执行登录请求,并收到一个授权令牌作为回报,但当我尝试访问安全端点时,我会收到消息:没有可用的验证密钥。 blaine@devbox:~/langsite/backend [master] $ curl -H "Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.eyJqdGkiOiIwZWNjMmIzNi04ZmZiLTQ2Y2QtYTZkNi1iZGRjZmU4YTQxNmMiLCJzdWIiOiIxI
designe jwt没有可用的验证密钥。blaine@devbox:~/langsite/backend [master] $ curl -H "Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.eyJqdGkiOiIwZWNjMmIzNi04ZmZiLTQ2Y2QtYTZkNi1iZGRjZmU4YTQxNmMiLCJzdWIiOiIxIiwic2NwIjoidXNlciIsImF1ZCI6bnVsbCwiaWF0IjoxNjA1ODQ2NjczLCJleHAiOjE2MDU4NzU0NzN9.ZyqvylXeLZbrRM2V2s5qsyHxiGgElng58HwQ8qjOHCU" http://localhost:3001/quiz_sentences.json
{"error":"No verification key available"}
config/initializers/designe.rbconfig.jwt do |jwt|
jwt.secret = Rails.application.credentials.secret_key_jwt
jwt.dispatch_requests = [
['POST', %r{^/users/sign_in$}],
['GET', %r{^/$}]
]
jwt.request_formats = { user: [:json] }
jwt.expiration_time = 8.hours.to_i
end
blaine@devbox:~/langsite/backend [master] $ curl -D - -X POST -d "user[email]=brlafreniere@gmail.com&user[password]=blaine" http://localhost:3001/users/sign_in.json
HTTP/1.1 201 Created
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Location: /
Content-Type: application/json; charset=utf-8
Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.eyJqdGkiOiIwZWNjMmIzNi04ZmZiLTQ2Y2QtYTZkNi1iZGRjZmU4YTQxNmMiLCJzdWIiOiIxIiwic2NwIjoidXNlciIsImF1ZCI6bnVsbCwiaWF0IjoxNjA1ODQ4MDQ2LCJleHAiOjE2MDU4NzY4NDZ9.66Hg_NG3E79-ybC4rJK_XkkSxpLcWHWTlOiw96hyvjg
ETag: W/"cfe36cdecee4080492f63e8c8f0c091b"
Cache-Control: max-age=0, private, must-revalidate
X-Request-Id: c961fc61-a1b4-49f0-bc16-63f19a0abd22
X-Runtime: 0.279213
Vary: Origin
Transfer-Encoding: chunked
Rails.application.config.middleware.insert_before 0, Rack::Cors do
allow do
origins '*'
resource('*',
headers: :any,
expose: ["Authorization"],
methods: :any
)
end
end
class User < ApplicationRecord
include Devise::JWT::RevocationStrategies::JTIMatcher
# Include default devise modules. Others available are:
# :confirmable, :lockable, :timeoutable, :trackable and :omniauthable
devise :database_authenticatable, :registerable, :recoverable,
:rememberable, :validatable, :jwt_authenticatable, jwt_revocation_strategy: self
end
class用户我很困惑,感谢你的帮助。谢谢。TLDR;确认jwt.secret是否已实际设置 我也有同样的问题,在我的案例中,这是因为通过
systemdjwt.secretconfig.jwt do | jwt|
jwt.secret=ENV['jwt_secret_KEY']#为空,仅当通过systemd或其他守护进程启动时
jwt.dispatch_请求=[
['POST',%r{^/login$}]
]
jwt.U撤销请求=[
['DELETE',%r{^/logout$}]
]
jwt.expiration\u time=2.2周至\u i
结束
出于某种原因,在远程服务器上,通过
systemdenv['JWT\u SECRET\u KEY']config.jwt do | jwt|
jwt.secret=“012345678901234567890123456789”#突然起作用
jwt.dispatch_请求=[
['POST',%r{^/login$}]
]
jwt.U撤销请求=[
['DELETE',%r{^/logout$}]
]
jwt.expiration\u time=2.2周至\u i
结束
jwt.secretauth令牌。像你一样,这让我很反感,因为它让我认为我的设置是正确的
为了测试您是否遇到了类似的问题,请暂时将胡言乱语硬编码为机密。如果这行得通,那你就走对了
显然,您不应该硬编码字符串,而是应该查看并确认您的秘密是否正确地输入到上述配置中
对我来说,这意味着在systemd
服务配置中指定一个EnvironmentFile
,该配置包含key=value
对(很像dotenv
文件)。这个问题与我的问题相匹配,但每个问题的答案不同:
对于遇到此问题的其他人,请检查您是否正在使用Rails.application.secret\u key\u base(而不是Rails.application.secrets.secret\u key\u base)我也遇到了这种情况!仅在我的远程服务器上。在本地,它运行良好。此外,如果我启动服务器而不对其进行后台监控,它也可以正常工作!我仍在深入研究它,但作为一种解决方法,我最终通过SSH访问了该实例并手动启动了Puma。非常感谢您,这节省了数小时的痛苦。哦,天哪,我的.env文件中注释了我的环境变量。。。谢谢你的解决方案