gpt4 book ai didi

node.js - hapi-auth-jwt2 无法在 hapi.js 应用程序中工作?

转载 作者:太空宇宙 更新时间:2023-11-03 23:50:32 29 4
gpt4 key购买 nike

我刚刚开始学习hapi.js 。我正在尝试理解身份验证的代码。这是如何运作的。为此,我关注了hapi-auth-jwt2

之后,当我从 postman 调用 API 时,我没有得到任何输出。

这是我的 server.js 文件,我运行 node server.js

'use strict';

const Hapi = require('@hapi/hapi');
const jwt = require('jsonwebtoken');
const people = {
1: {
id: 1,
name: 'Jen Jones'
}
};

// bring your own validation function
const validate = async function (decoded, request, h) {
// do your checks to see if the person is valid
if (!people[decoded.id]) {
return { isValid: false };
}
else {
return { isValid: true };
}
};

const init = async () => {
const server = Hapi.server({
port: 3000,
host: 'localhost'
});
await server.register(require('hapi-auth-jwt2'));
server.auth.strategy('test', 'jwt',
{
key: 'GSFDSFJDSKGJD;GJRTWERIUEWFJDKL;GVCXVNMXCVCNVS;DLGFJKGFJDHGJFKHGJERHTKERHERJHTKREHJ', // Random String
validate,
verifyOptions: { algorithms: ['HS256'] }
});
server.auth.default('test');


server.route([
{
method: 'GET',
path: '/restricted',
config: {
auth: 'test'
},
handler: function (request, h) {
console.log("request.headers.authorization ::: ", request.headers.authorization);
const response = h.response({ text: 'You used a Token!' });
response.header("Authorization", request.headers.authorization);
return response;
}
}
]);


await server.start();
return server;
};

process.on('unhandledRejection', (err) => {

console.log(err);
process.exit(1);
});

init().then(server => {
console.log('Server running at:', server.info.uri);
})
.catch(err => {
console.log(err);
});

来自 postman

iamge

最佳答案

您需要使用( secret ) key 为每个用户(people)创建一个 token ,例如:

const jwt = require('jsonwebtoken');

(async() => {
const key = 'GSFDSFJDSKGJD;GJRTWERIUEWFJDKL;GVCXVNMXCVCNVS;DLGFJKGFJDHGJFKHGJERHTKERHERJHTKREHJ';
const payload = { id: 1, name: 'Jen Jones' };
const token = await jwt.sign(payload, key);
console.log(token);
})();

这是给定负载的 token :

$ node auth.js
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MSwibmFtZSI6IkplbiBKb25lcyIsImlhdCI6MTU3ODQ5MzQwOH0._kFvxkURRmzq4DgAEzAURca9yIv6KCf7MsolCiWsmRY

token 包含有效负载,再次使用相同的 key 在 validate 中检查有效负载(实际上只需 id 就足够了)。现在使用用户的 token 访问受限路由 { id: 1, name: 'Jen Jones' }:

$ curl -v -H "Authorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MSwibmFtZSI6IkplbiBKb25lcyIsImlhdCI6MTU3ODQ5MzQwOH0._kFvxkURRmzq4DgAEzAURca9yIv6KCf7MsolCiWsmRY"   http://localhost:3000/restricted
* Trying 127.0.0.1...
* TCP_NODELAY set
* Connected to localhost (127.0.0.1) port 3000 (#0)
> GET /restricted HTTP/1.1
> Host: localhost:3000
> User-Agent: curl/7.58.0
> Accept: */*
> Authorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MSwibmFtZSI6IkplbiBKb25lcyIsImlhdCI6MTU3ODQ5MzQwOH0._kFvxkURRmzq4DgAEzAURca9yIv6KCf7MsolCiWsmRY
>
< HTTP/1.1 200 OK
< authorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MSwibmFtZSI6IkplbiBKb25lcyIsImlhdCI6MTU3ODQ5MzQwOH0._kFvxkURRmzq4DgAEzAURca9yIv6KCf7MsolCiWsmRY
< content-type: application/json; charset=utf-8
< cache-control: no-cache
< content-length: 28
< accept-ranges: bytes
< Date: Wed, 08 Jan 2020 14:26:04 GMT
< Connection: keep-alive
<
* Connection #0 to host localhost left intact
{"text":"You used a Token!"}

关于node.js - hapi-auth-jwt2 无法在 hapi.js 应用程序中工作?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/59647486/

29 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com