node.js - NodeJS 类型错误 ('JwtStrategy requires a secret or key' );

Question

我已尝试替换 JwtStrategy 实现

1. User.findOne({id: jwt_payload.id} 与

2. User.getUserById(jwt_payload._doc._id, (err, user)

在 user.js 文件中我在运行 index.js 时遇到的错误是:-

H:\rprfinal\node_modules\passport-jwt\lib\strategy.js:29
        throw new TypeError('JwtStrategy requires a secret or key');
        ^
TypeError: JwtStrategy requires a secret or key
    at new JwtStrategy (H:\rprfinal\node_modules\passport-jwt\lib\strategy.js:29:15)
    at module.exports (H:\rprfinal\config\passport.js:10:18)
    at Object.<anonymous> (H:\rprfinal\index.js:42:29)
    at Module._compile (module.js:569:30)
    at Object.Module._extensions..js (module.js:580:10)
    at Module.load (module.js:503:32)
    at tryModuleLoad (module.js:466:12)
    at Function.Module._load (module.js:458:3)
    at Function.Module.runMain (module.js:605:10)
    at startup (bootstrap_node.js:158:16)
    at bootstrap_node.js:575:3
[nodemon] app crashed - waiting for file changes before starting...

在 user.js 文件中:-

module.exports.getUserById = function(id, callback){
    User.findById(id, callback);
}

index.js 文件:-

     //Body parser Middleware
app.use(bodyParser.json());

    //Passport Middleware 
app.use(passport.initialize());
app.use(passport.session());

require('./config/passport')(passport);

app.use('/users',users);

passport.js 文件:-

const JwtStrategy = require('passport-jwt').Strategy;
const ExtractJwt = require('passport-jwt').ExtractJwt;
const User = require('../models/user');
const config = require('../config/database');

module.exports = function(passport){
    let opts = {};
    opts.jwtFromRequest = ExtractJwt.fromAuthHeader();
    opts.secretOrKey = config.secret;
    passport.use(new JwtStrategy(opts, (jwt_payload, done) => {
        User.getUserById(jwt_payload._doc._id, (err, user) => {
            if(err){
                return done(err, false);
            }
            if(user){
                return done(null, user);
            } else{
                return done(null, false);
            }
        });
    }));
}

和包含注册和身份验证的 users.js

 // Authenticate
router.post('/authenticate',(req, res, next) => {
const username = req.body.username;
const password =req.body.password;

User.getUserBYUsername(username, (err, user) => {
    if(err) throw err;
    if(!user){
        return res.json({success: false,msg: 'User not found'});
    }
User.comparePassword(password,user.password, (err, isMatch) => {
  if(err) throw err;
  if(isMatch){
      const token = jwt.sign(user, config.secret, {
          expiresIn: 604800 // 1 Week
      });

    res.json({
        success: true,
        token: 'JWT '+token,
        user: {
            id: user._id,
            name:user.name,
            username: user.username,
            email: user.email
        }
    });
  } else {
       return res.json({success: false, msg: 'Wrong password'});
   } 
});
});
});

Answer 1

遇到了同样的问题。这只是因为传递给 JwtStrategy 的第一个 options 参数必须有一个有效的 secretOrKey。留下 secretOrKey undefined 会给你错误。

在我的例子中，我使用 dotenv 读取 process.env 变量，并且必须确保 require('dotenv').config(); 在访问 process.env.SECRET 之前被调用。

require('dotenv').config();
const jwtOptions = {
    jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
    secretOrKey: process.env.SECRET
};
const strategy = new JwtStrategy(jwtOptions, function (payload, done) {
    // ...
});