具有Alamofire下载功能的JWT认证
JWT Authentication with Alamofire download function
感谢 Alamofire,我正在尝试下载一个 zip 文件并使用 JWT 令牌身份验证从服务器保存它。下载在没有令牌身份验证的情况下运行良好,文件已成功保存。当我激活 server-side 身份验证(使用 Passport.js 和 NodeJS)时,我总是收到 401。我使用 sessionManager 适配器功能将令牌附加到 header。其他请求(post,使用 sessionManager.request(..) )与此身份验证机制配合良好。
问题是:我们可以修改Alamofire下载功能的header吗?如果是怎么办?
感谢任何建议
func getZip(){
let sessionManager = Alamofire.SessionManager.default
let authHandler = JWTAccessTokenAdapter(accessToken: Auth.getAccessToken())
sessionManager.retrier = authHandler
sessionManager.adapter = authHandler
let downloadUrl: String = Auth.getApiEndpoint() + "get_zip"
let destinationPath: DownloadRequest.DownloadFileDestination = { _, _ in
let documentsURL = FileManager.default.urls(for: .documentDirectory, in: .userDomainMask)[0];
let fileURL = documentsURL.appendingPathComponent("myZip.zip")
return (fileURL, [.removePreviousFile, .createIntermediateDirectories])
}
sessionManager.download(downloadUrl, method: .get, encoding: URLEncoding.httpBody, to: destinationPath)
.downloadProgress { progress in
print(">> Zip Download Progress: \(progress.fractionCompleted)")
}
.responseData { response in
switch response.result{
case .success:
if response.destinationURL != nil, let filePath = response.destinationURL?.absoluteString {
print("success & filepath : \(filePath)")
completionHandler(filePath, true)
}
break
case .failure:
print("faillure")
completionHandler("", false)
break
}
}
}
}
JWT 适配器:
class JWTAccessTokenAdapter: RequestAdapter {
typealias JWT = String
private var accessToken: JWT
func adapt(_ urlRequest: URLRequest) throws -> URLRequest {
var urlRequest = urlRequest
if let urlString = urlRequest.url?.absoluteString, urlString.hasPrefix(Auth.getApiEndpoint()) {
/// Set the Authorization header value using the access token.
urlRequest.setValue(accessToken, forHTTPHeaderField: "Authorization")
}
return urlRequest
}
}
输出:
response: SUCCESS: 12 bytes // (Unauthorized) -> Corrupted zip file
如果您的请求链中没有 validation 步骤,所有响应都将被视为成功。因此,请检查您的响应代码(或在 responseData 之前添加 .validate())并查看您的请求是否真的成功。此外,您可能需要仔细检查您的参数编码,尽管您似乎没有发送任何参数。
感谢 Alamofire,我正在尝试下载一个 zip 文件并使用 JWT 令牌身份验证从服务器保存它。下载在没有令牌身份验证的情况下运行良好,文件已成功保存。当我激活 server-side 身份验证(使用 Passport.js 和 NodeJS)时,我总是收到 401。我使用 sessionManager 适配器功能将令牌附加到 header。其他请求(post,使用 sessionManager.request(..) )与此身份验证机制配合良好。
问题是:我们可以修改Alamofire下载功能的header吗?如果是怎么办?
感谢任何建议
func getZip(){
let sessionManager = Alamofire.SessionManager.default
let authHandler = JWTAccessTokenAdapter(accessToken: Auth.getAccessToken())
sessionManager.retrier = authHandler
sessionManager.adapter = authHandler
let downloadUrl: String = Auth.getApiEndpoint() + "get_zip"
let destinationPath: DownloadRequest.DownloadFileDestination = { _, _ in
let documentsURL = FileManager.default.urls(for: .documentDirectory, in: .userDomainMask)[0];
let fileURL = documentsURL.appendingPathComponent("myZip.zip")
return (fileURL, [.removePreviousFile, .createIntermediateDirectories])
}
sessionManager.download(downloadUrl, method: .get, encoding: URLEncoding.httpBody, to: destinationPath)
.downloadProgress { progress in
print(">> Zip Download Progress: \(progress.fractionCompleted)")
}
.responseData { response in
switch response.result{
case .success:
if response.destinationURL != nil, let filePath = response.destinationURL?.absoluteString {
print("success & filepath : \(filePath)")
completionHandler(filePath, true)
}
break
case .failure:
print("faillure")
completionHandler("", false)
break
}
}
}
}
JWT 适配器:
class JWTAccessTokenAdapter: RequestAdapter {
typealias JWT = String
private var accessToken: JWT
func adapt(_ urlRequest: URLRequest) throws -> URLRequest {
var urlRequest = urlRequest
if let urlString = urlRequest.url?.absoluteString, urlString.hasPrefix(Auth.getApiEndpoint()) {
/// Set the Authorization header value using the access token.
urlRequest.setValue(accessToken, forHTTPHeaderField: "Authorization")
}
return urlRequest
}
}
输出:
response: SUCCESS: 12 bytes // (Unauthorized) -> Corrupted zip file
如果您的请求链中没有 validation 步骤,所有响应都将被视为成功。因此,请检查您的响应代码(或在 responseData 之前添加 .validate())并查看您的请求是否真的成功。此外,您可能需要仔细检查您的参数编码,尽管您似乎没有发送任何参数。