Node.js - Express.js JWT always returns an invalid token error in browser response(Node.js - Express.js JWT 总是在浏览器响应中返回一个无效的令牌错误)
问题描述
我将 node.js 和 express.js 与
var expressJwt = require('express-jwt');var jwt = require('jsonwebtoken');var SECRET = 'shhhhhhared-secret';app.use('/api', expressJwt({secret: SECRET}));app.post('/authenticate', function (req, res) {//TODO 验证 req.body.username 和 req.body.password//如果无效,返回401if (!(req.body.username === 'john.doe' && req.body.password === 'foobar')) {res.send(401, '错误的用户或密码');返回;}变量配置文件 = {first_name: '约翰',姓氏:'Doe',电子邮件:'john@doe.com',编号:123};//我们在令牌内发送配置文件var token = jwt.sign(profile, SECRET, { expiresIn: 18000 });//60*5 分钟res.json({ token: token });});app.get('/api/protected',函数(请求,资源){res.json(req.user);});I'm using node.js and express.js with the express-jwt module, and I have set up a simple HTTP server to test everything:
This is the node code involved:
app.set('port', process.env.PORT || 3000);
app.use(express.methodOverride());
app.use(allow_cross_domain);
app.use('/api', expressJwt({secret: '09qrjjwef923jnrge$5ndjwk'}));
app.use(express.json());
app.use(express.urlencoded());
app.use('/', express.static(__dirname + '/'));
app.use(function(err, req, res, next){
if (err.constructor.name === 'UnauthorizedError') {
res.send(401, 'Unauthorized');
}
});
app.get('login',function(req,res){
//...
jwt.sign(results.username+results.email, secret, { expiresInMinutes: 9000000000*9393939393393939393939 });
});
app.post('api/profile',function(req,res){
console.log(req.user); // this return undefined in console
res.send(req.user); // response is pending and dunno why it returns error in browser console
});
So once I open the /login URL I get logged in and I send the session token to api/post, which returns this response error in the browser console:
{"error":{"message":"invalid signature","code":"invalid_token","status":401,"inner":{}}}
I don't understand why this is happening, because the token stored in the front-end and the token in JWT are the same. What could be the reason for this error?
An example of headers POSTed to the api/post URL:
Here is an example
http://blog.auth0.com/2014/01/07/angularjs-authentication-with-cookies-vs-token/
var expressJwt = require('express-jwt');
var jwt = require('jsonwebtoken');
var SECRET = 'shhhhhhared-secret';
app.use('/api', expressJwt({secret: SECRET}));
app.post('/authenticate', function (req, res) {
//TODO validate req.body.username and req.body.password
//if is invalid, return 401
if (!(req.body.username === 'john.doe' && req.body.password === 'foobar')) {
res.send(401, 'Wrong user or password');
return;
}
var profile = {
first_name: 'John',
last_name: 'Doe',
email: 'john@doe.com',
id: 123
};
// We are sending the profile inside the token
var token = jwt.sign(profile, SECRET, { expiresIn: 18000 }); // 60*5 minutes
res.json({ token: token });
});
app.get('/api/protected',
function(req, res) {
res.json(req.user);
});
这篇关于Node.js - Express.js JWT 总是在浏览器响应中返回一个无效的令牌错误的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持编程学习网!
本文标题为:Node.js - Express.js JWT 总是在浏览器响应中返回一个
- Flexslider 箭头未正确显示 2022-01-01
- Quasar 2+Apollo:错误:找不到ID为默认的Apollo客户端。如果您在组件设置之外,请使用ProvideApolloClient() 2022-01-01
- Css:将嵌套元素定位在父元素边界之外一点 2022-09-07
- 失败的 Canvas 360 jquery 插件 2022-01-01
- Fetch API 如何获取响应体? 2022-01-01
- CSS媒体查询(最大高度)不起作用,但为什么? 2022-01-01
- addEventListener 在 IE 11 中不起作用 2022-01-01
- 400或500级别的HTTP响应 2022-01-01
- 使用RSelum从网站(报纸档案)中抓取多个网页 2022-09-06
- 如何使用 JSON 格式的 jQuery AJAX 从 .cfm 页面输出查 2022-01-01
