typescript 在NestJS中使用Passport JWT时出现未经授权的401(缺少凭据)

4ioopgfo  于 2022-12-14  发布在  TypeScript
关注(0)|答案(1)|浏览(249)

我尝试使用JWT在NestJS API中对用户进行身份验证,但总是得到相同的错误:第401章.
让我先给你看我的代码,然后再告诉你我的调查结果:

JWT生成(此代码工作正常)

auth.module.ts

import { Module } from '@nestjs/common';
import { ConfigModule, ConfigService } from '@nestjs/config';
import { JwtModule } from '@nestjs/jwt';
import { UserModule } from 'src/user/user.module';
import { AuthService } from './auth.service';
import { LocalAuthController } from './local/local-auth.controller';
import { JwtStrategy } from './jwt/jwt.strategy';

@Module({
    imports: [
        ConfigModule,
        JwtModule.register({
            secretOrPrivateKey: 'a'
        }),
        UserModule],
    providers: [AuthService, JwtStrategy],
    controllers: [LocalAuthController]
})
export class AuthModule {}

auth.service.ts

import { Injectable, UnauthorizedException } from '@nestjs/common';
import { UserService } from 'src/user/user.service';
import * as bcrypt from 'bcrypt';
import { LocalAuthDto } from './local/local-auth.dto';
import { AccountType, User } from 'src/user/entity/user.entity';
import { JwtPayload } from './jwt/jwt.payload';
import { JwtService } from '@nestjs/jwt';

@Injectable()
export class AuthService {
    constructor(
        private readonly userService: UserService,
        private readonly jwtService: JwtService,
    ) {}

    async signinLocal(localAuthDto: LocalAuthDto): Promise<any | null> {
        const user = await this.userService.findOneByEmailOrUsername(localAuthDto.emailOrUsername, true);

        if (user === null || !(await bcrypt.compare(localAuthDto.password, user.password)))
            throw new UnauthorizedException("Invalid credentials");

        const payload: JwtPayload = { sub: user.uuid };

        return this.jwtService.sign(payload);
    }
}

local-auth.controller.ts

import { Body, Controller, Post, Request, UnauthorizedException, UseGuards } from '@nestjs/common';
import { ApiTags } from '@nestjs/swagger';
import { AuthService } from '../auth.service';
import { LocalAuthDto } from './local-auth.dto';

@ApiTags("auth")
@Controller('auth/local')
export class LocalAuthController {

    constructor(private readonly authService: AuthService) {}

    @Post('signin')
    async signin(@Body() localAuthDto: LocalAuthDto) {
        return await this.authService.signinLocal(localAuthDto);
    }
}

jwt.payload.ts

export class JwtPayload {
    sub: string;
}

JWT用法(这不起作用)

jwt.strategy.ts

import { Injectable, Logger, UnauthorizedException } from "@nestjs/common";
import { PassportStrategy } from "@nestjs/passport";
import { ExtractJwt } from "passport-jwt";
import { Strategy } from "passport-local";

@Injectable()
export class JwtStrategy extends PassportStrategy(Strategy, 'jwt') {
    constructor() {
        super({
            jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
            ignoreExpiration: true,
            secretOrKey: 'a',
        });
    }

    async validate(payload: any) {
        return payload;
    }
}

jwt.guard.ts

import { Injectable, Logger, UnauthorizedException } from "@nestjs/common";
import { AuthGuard } from "@nestjs/passport";

@Injectable()
export class JwtAuthGuard extends AuthGuard('jwt') {
    private readonly logger = new Logger(JwtAuthGuard.name);

    handleRequest(err, user, info) {
        this.logger.error(err, user, info);
        
        if (err || !user) {
            throw err || new UnauthorizedException();
        }
        return user;
    }

}

使用JwtAuthGuard的位置

app.controller.ts

import { Controller, Get, UseGuards } from '@nestjs/common';
import { ApiBearerAuth } from '@nestjs/swagger';
import { JwtAuthGuard as JwtAuthGuard } from './auth/jwt/jwt.guard';

@Controller()
export class AppController {
    constructor() {}

    @Get()
    healthCheck(): string {
        return "API started";
    }

    @ApiBearerAuth()
    @UseGuards(JwtAuthGuard)
    @Get("authCheck")
    authenticationGuardCheck(): string {
        return "It works";
    }

}

我的调查
首先我提取了一个由我的代码生成的JWT:eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIwNGRkM2MyNi03YjA4LTQ2MWEtYTA4OS05YWRkOTgzZjZmODUiLCJpYXQiOjE2NzA3NzU2MzR9.0MuojBY0_i5Losa6IgPrB2A2py-XrLoueMc4Mk1PUrY它包含正确的uuid,并且使用secret进行了良好签名:a
Passport在控制台中没有给予我任何错误,只是返回了Unauthorized 401
因此,我尝试显示更多信息,并找到了以下代码(在jwt.guard.ts中):

handleRequest(err, user, info) {
        this.logger.error(err, user, info);
        
        if (err || !user) {
            throw err || new UnauthorizedException();
        }
        return user;
    }

现在,当我发送请求时,控制台会显示以下内容:passport "errors"
因此,我要求NestJS打印我的请求,并且我的令牌已存在:request header
现在我被困在这里,我不明白为什么passport不能在请求头中得到我的令牌。(
谢谢你的帮助

typescript

1条答案

按热度按时间
vatpfxk5

vatpfxk51#

在您的JwtStrategy中,您从passport-local而不是passport-jwt导入Strategy。这意味着passport正在查找req.body.usernamereq.body.password,而不是实际关心您通过authorization标头发送的JWT。请改为从passport-jwt导入Strategy,此问题应得到解决

赞(0)分享  回复(0)举报  2022-12-14
我来回答

相关问题

    查看更多

    热门标签

    更多
    JavaquerypythonNode开发语言requestUtil数据库Table后端算法LoggerMessageElementParser

    最新问答

    更多
    • 蜀ICP备2022004421号-2 NULL123 https://www.null123.com © All rights reserved
    • 本站内容来源互联网,如果侵犯您的权益请联系我们删除, 联系方式:448109455@qq.com