我在cakephp 3.9中有两个环境,都是相同的代码和相同的SO等等...都是在AWS托管的。我创建了一个API,它在暂存中工作得很好,但在生产中却不好,当用户使用电子邮件和密码登录以获取JWT令牌时,我总是得到FALSE。奇怪的是,它在暂存中的相同环境中工作得很好。
在端点,我有这个
/**
* Get JWT token
*/
public function token()
{
$user = $this->Auth->identify();
$roleQuery = TableRegistry::getTableLocator()->get('UsersRoles');
// Get user role
$role = $roleQuery
->find()
->select(['role_id'])
->where(['user_id' => $user['id']])
->first();
if (!$user) {
// throw new UnauthorizedException('Invalid login details');
$this->set([
'success' => false,
'data' => [
"code" => 401,
'message' => 'Invalid login details',
],
'_serialize' => ['success', 'data']
]);
} else{
$tokenId = base64_encode(32);
$issuedAt = time();
$key = Security::salt();
// $email = $user['email'];
$this->set([
'msg' => 'Login successfully',
'success' => true,
// 'user' => $user,
'data' => [
'token' => JWT::encode([
'alg' => 'HS256',
'id' => $user['id'],
'sub' => $user['id'],
'iat' => time(),
'exp' => time() + 86400,
],
$key)
],
'_serialize' => ['success', 'data', 'key']
]);
}
}}
此环境的配置
'Api' => [
'auth' => [
'storage' => 'Memory',
'authenticate' => [
'Form' => [
'fields' => [
'username' => 'email'
],
],
'ADmad/JwtAuth.Jwt' => [
'parameter' => 'token',
'userModel' => 'Users',
// 'scope' => ['Users.status' => 1],
'fields' => [
'id' => 'id'
],
'queryDatasource' => true
]
],
'unauthorizedRedirect' => false,
'checkAuthIn' => 'Controller.initialize'
],
],在ApiController中,我有这两种方法来加载组件等...
public function initialize(): void
{
parent::initialize();
$this->loadComponent('Security');
$this->loadComponent('RequestHandler');
$this->loadComponent('Auth', Configure::read('Api.auth'));
$this->Auth->allow([
'token'
]);
}
public function beforeFilter(Event $event): void
{
$this->Security->setConfig('unlockedActions', [
'token'
]);
}我在生产中总是得到相同的响应
{
"success": false,
"data": {
"code": 401,
"message": "Invalid login details"
}
}
1条答案
按热度按时间vsdwdz231#
好吧,几个小时后,我解决了这个问题。这是一个非常非常愚蠢的事情,我只是忘了添加https协议到网址在Rester(插件类似于 Postman )之前调用端点,就是这样!!!