使用 socket.io-client 对 Featherjs 进行身份验证
Authentication to Featherjs using socket.io-client
如何向 Feathersjs (https://docs.feathersjs.com/api/client/socketio.html#authentication) using Direct Connection (https://docs.feathersjs.com/api/client/socketio.html#direct-connection) 进行身份验证?以下代码表示我的 accessToken 格式不正确,但我怀疑要使其正常工作还不止于此。我在哪里获取 accessToken?
app.js(客户端):
import express from 'express';
const socket = require('socket.io-client')('http://localhost:3030', {
transports: ['websocket']
});
socket.emit('authenticate', {
strategy: 'jwt',
accessToken: 'what to enter here'
}, (message: any, data: any) => {
console.log(message);
console.log(data);
});
const app = express();
app.get('/', (req, res) => res.send('Up and running!'));
app.listen(4390, () => console.log('Example app listening on port 4390!'));
authentication.js(羽毛服务器)
const authentication = require('@feathersjs/authentication');
const jwt = require('@feathersjs/authentication-jwt');
const local = require('@feathersjs/authentication-local');
module.exports = function (app) {
const config = app.get('authentication');
// Set up authentication with the secret
app.configure(authentication(config));
app.configure(jwt());
app.configure(local());
app.service('authentication').hooks({
before: {
create: [
authentication.hooks.authenticate(config.strategies),
],
remove: [
authentication.hooks.authenticate('jwt')
]
}
});
};
我尝试使用秘密作为 accessToken 但它没有用:)
default.json(羽毛服务器配置)
"authentication": {
"secret": "r323r32rada86700f18d82ea1d3e74fb58141dbefcd7460ef71736759265e347151a12d68dff50aa59c05e2f18db88661be8ae91a3f12932fddea8891b5ca9f63b5e4fc650edabc59d0d14e8fe4ea54256e7e386845321ab58a320a9ec99438bd058a3fbbda65dadf97bc9585ea82f72201f932beqwdqwdqwd5761a0d0be3e95474db5b9c8a3f4c7303beed0344a1768ba5dad6a1c916d183ea5dd923587768661ff0b08f25ed85dff4ff4e6b58327fe5914e5e7fb2356ee67754b102434f22686444a35fc38c75bcdd6386240a22e0cf62bdc7f227200868da387174b365af2afa7dec378c4ccf22956b134a3ec961fd1ba8d3dc85a7594ab711",
"strategies": [
"jwt",
"local"
],
"path": "/authentication",
"service": "users",
"jwt": {
"header": {
"typ": "access"
},
"audience": "https://yourdomain.com",
"subject": "anonymous",
"issuer": "feathers",
"algorithm": "HS256",
"expiresIn": "1d"
},
"local": {
"entity": "user",
"usernameField": "email",
"passwordField": "password"
}
},
...
感谢所有回复!
为了获得 accessToken
,您通常需要使用 email/password
或 oauth
的策略进行身份验证。这将 return 一个 accessToken
,然后您可以将其用于 jwt
身份验证。
另一种方法是使用 custom authentication strategy,这将允许您拥有两个服务器可以用来相互通信的共享密钥。
谢谢@mchaffe!在你的帮助下我设法解决了它。这是使用的代码:
import dotenv from 'dotenv';
// Load environments
const config = dotenv.config()
if (config.error) throw config.error
const io = require('socket.io-client');
const feathers = require('@feathersjs/client');
const localStorage = require('localstorage-memory');
const client = feathers();
const socket = io('http://localhost:3030/', {
transports: ['websocket'],
forceNew: true
});
client.configure(feathers.socketio(socket), {
timeout: 10000
});
client.configure(feathers.authentication({
jwtStrategy: 'jwt',
storage: localStorage,
storageKey: 'some-token'
}));
const payload = {
strategy: 'local',
email: process.env.FEATHERS_AUTHENTICATION_EMAIL,
password: process.env.FEATHERS_AUTHENTICATION_PASSWORD
};
client.authenticate(payload).then((response: any) => {
// Do stuff to hooray here
console.log('Access Token: ' + response.accessToken);
// Works!
socket.emit('get', 'logger', 1, (error: any, log: any) => {
console.log('Found log: ' + JSON.stringify(log));
});
}).catch((e: any) => {
console.log('Error: ' + e);
});
如果您有改进的建议,我会洗耳恭听! :) 看来我可以使用 socket.emit 方法从数据库访问数据。我是否需要验证返回的 accessToken?再次感谢!
如何向 Feathersjs (https://docs.feathersjs.com/api/client/socketio.html#authentication) using Direct Connection (https://docs.feathersjs.com/api/client/socketio.html#direct-connection) 进行身份验证?以下代码表示我的 accessToken 格式不正确,但我怀疑要使其正常工作还不止于此。我在哪里获取 accessToken?
app.js(客户端):
import express from 'express';
const socket = require('socket.io-client')('http://localhost:3030', {
transports: ['websocket']
});
socket.emit('authenticate', {
strategy: 'jwt',
accessToken: 'what to enter here'
}, (message: any, data: any) => {
console.log(message);
console.log(data);
});
const app = express();
app.get('/', (req, res) => res.send('Up and running!'));
app.listen(4390, () => console.log('Example app listening on port 4390!'));
authentication.js(羽毛服务器)
const authentication = require('@feathersjs/authentication');
const jwt = require('@feathersjs/authentication-jwt');
const local = require('@feathersjs/authentication-local');
module.exports = function (app) {
const config = app.get('authentication');
// Set up authentication with the secret
app.configure(authentication(config));
app.configure(jwt());
app.configure(local());
app.service('authentication').hooks({
before: {
create: [
authentication.hooks.authenticate(config.strategies),
],
remove: [
authentication.hooks.authenticate('jwt')
]
}
});
};
我尝试使用秘密作为 accessToken 但它没有用:) default.json(羽毛服务器配置)
"authentication": {
"secret": "r323r32rada86700f18d82ea1d3e74fb58141dbefcd7460ef71736759265e347151a12d68dff50aa59c05e2f18db88661be8ae91a3f12932fddea8891b5ca9f63b5e4fc650edabc59d0d14e8fe4ea54256e7e386845321ab58a320a9ec99438bd058a3fbbda65dadf97bc9585ea82f72201f932beqwdqwdqwd5761a0d0be3e95474db5b9c8a3f4c7303beed0344a1768ba5dad6a1c916d183ea5dd923587768661ff0b08f25ed85dff4ff4e6b58327fe5914e5e7fb2356ee67754b102434f22686444a35fc38c75bcdd6386240a22e0cf62bdc7f227200868da387174b365af2afa7dec378c4ccf22956b134a3ec961fd1ba8d3dc85a7594ab711",
"strategies": [
"jwt",
"local"
],
"path": "/authentication",
"service": "users",
"jwt": {
"header": {
"typ": "access"
},
"audience": "https://yourdomain.com",
"subject": "anonymous",
"issuer": "feathers",
"algorithm": "HS256",
"expiresIn": "1d"
},
"local": {
"entity": "user",
"usernameField": "email",
"passwordField": "password"
}
},
...
感谢所有回复!
为了获得 accessToken
,您通常需要使用 email/password
或 oauth
的策略进行身份验证。这将 return 一个 accessToken
,然后您可以将其用于 jwt
身份验证。
另一种方法是使用 custom authentication strategy,这将允许您拥有两个服务器可以用来相互通信的共享密钥。
谢谢@mchaffe!在你的帮助下我设法解决了它。这是使用的代码:
import dotenv from 'dotenv';
// Load environments
const config = dotenv.config()
if (config.error) throw config.error
const io = require('socket.io-client');
const feathers = require('@feathersjs/client');
const localStorage = require('localstorage-memory');
const client = feathers();
const socket = io('http://localhost:3030/', {
transports: ['websocket'],
forceNew: true
});
client.configure(feathers.socketio(socket), {
timeout: 10000
});
client.configure(feathers.authentication({
jwtStrategy: 'jwt',
storage: localStorage,
storageKey: 'some-token'
}));
const payload = {
strategy: 'local',
email: process.env.FEATHERS_AUTHENTICATION_EMAIL,
password: process.env.FEATHERS_AUTHENTICATION_PASSWORD
};
client.authenticate(payload).then((response: any) => {
// Do stuff to hooray here
console.log('Access Token: ' + response.accessToken);
// Works!
socket.emit('get', 'logger', 1, (error: any, log: any) => {
console.log('Found log: ' + JSON.stringify(log));
});
}).catch((e: any) => {
console.log('Error: ' + e);
});
如果您有改进的建议,我会洗耳恭听! :) 看来我可以使用 socket.emit 方法从数据库访问数据。我是否需要验证返回的 accessToken?再次感谢!