NestJs - 无法在不记名令牌上获得用户身份验证响应
NestJs - Unable to get user auth response on Bearer Token
我使用 NestJs 作为框架,使用 jwt 进行身份验证。我尝试使用用户凭据登录端点,然后收到一个 jwt 令牌作为响应。之后,我使用该令牌(不记名令牌)访问所有用户信息(下面的代码),但出现以下错误:
Error
[Nest] 17189 - 03/15/2021, 12:52:59 PM [ExceptionsHandler] this.validate is not a function +47159ms
TypeError: this.validate is not a function
at JwtStrategy.<anonymous> (/Users/axels18m/Desktop/Work/Testing/nest-twitter-project/node_modules/@nestjs/passport/dist/passport/passport.strategy.js:19:55)
at Generator.next (<anonymous>)
at /Users/axels18m/Desktop/Work/Testing/nest-twitter-project/node_modules/@nestjs/passport/dist/passport/passport.strategy.js:8:71
at new Promise (<anonymous>)
at __awaiter (/Users/axels18m/Desktop/Work/Testing/nest-twitter-project/node_modules/@nestjs/passport/dist/passport/passport.strategy.js:4:12)
at JwtStrategy.callback [as _verify] (/Users/axels18m/Desktop/Work/Testing/nest-twitter-project/node_modules/@nestjs/passport/dist/passport/passport.strategy.js:16:45)
at /Users/axels18m/Desktop/Work/Testing/nest-twitter-project/node_modules/passport-jwt/lib/strategy.js:123:34
at /Users/axels18m/Desktop/Work/Testing/nest-twitter-project/node_modules/jsonwebtoken/verify.js:223:12
at getSecret (/Users/axels18m/Desktop/Work/Testing/nest-twitter-project/node_modules/jsonwebtoken/verify.js:90:14)
at Object.module.exports [as verify] (/Users/axels18m/Desktop/Work/Testing/nest-twitter-project/node_modules/jsonwebtoken/verify.js:94:10)
这是引发错误的端点(user.controller.ts)
@Controller('user')
export class UserController
{
constructor(
private userService: UserService
) {}
@hasRoles('admin')
@UseGuards(JwtAuthGuard, RolesGuard)
@Get()
getAll(): Observable<User[]>
{
return this.userService.getAll();
}
}
- jwt-strategy.ts 文件
@Injectable()
export class JwtStrategy extends PassportStrategy(Strategy)
{
constructor(private configService: ConfigService)
{
super({
jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
ignoreExpiration: false,
secretOrKey: configService.get('JWT_SECRET')
});
}
async validator(payload: any)
{
return { 'user': payload.user , 'username': payload.username };
}
}
getAll 用户的步骤:
- 登录(returns 用作不记名令牌的 jwt 令牌)
@Post('login')
login(@Body() user: User): Observable<Object>
{
return this.userService.login(user).pipe(
map((jwt: string) => { return { access_token: jwt} })
)
}
- 添加不记名令牌并将其发送到 getAll 用户方法后(这是为了获取所有用户信息的访问权限,如果没有 barear 令牌,您将收到未经授权的 401 错误),AuthGuard 被触发并显示以上错误。我已经尝试过这个:
@UserGuards(AuthGuard('jwt'), RolesGuard) 而不是 @UseGuards(JwtAuthGuard, RolesGuard)
在您的 JwtStrategy 中,您有 async 方法 valdiator 而不是 validate。此方法 需要 为 validate 以便 @nestjs/passport 将方法正确发送至 passport
我使用 NestJs 作为框架,使用 jwt 进行身份验证。我尝试使用用户凭据登录端点,然后收到一个 jwt 令牌作为响应。之后,我使用该令牌(不记名令牌)访问所有用户信息(下面的代码),但出现以下错误:
Error
[Nest] 17189 - 03/15/2021, 12:52:59 PM [ExceptionsHandler] this.validate is not a function +47159ms
TypeError: this.validate is not a function
at JwtStrategy.<anonymous> (/Users/axels18m/Desktop/Work/Testing/nest-twitter-project/node_modules/@nestjs/passport/dist/passport/passport.strategy.js:19:55)
at Generator.next (<anonymous>)
at /Users/axels18m/Desktop/Work/Testing/nest-twitter-project/node_modules/@nestjs/passport/dist/passport/passport.strategy.js:8:71
at new Promise (<anonymous>)
at __awaiter (/Users/axels18m/Desktop/Work/Testing/nest-twitter-project/node_modules/@nestjs/passport/dist/passport/passport.strategy.js:4:12)
at JwtStrategy.callback [as _verify] (/Users/axels18m/Desktop/Work/Testing/nest-twitter-project/node_modules/@nestjs/passport/dist/passport/passport.strategy.js:16:45)
at /Users/axels18m/Desktop/Work/Testing/nest-twitter-project/node_modules/passport-jwt/lib/strategy.js:123:34
at /Users/axels18m/Desktop/Work/Testing/nest-twitter-project/node_modules/jsonwebtoken/verify.js:223:12
at getSecret (/Users/axels18m/Desktop/Work/Testing/nest-twitter-project/node_modules/jsonwebtoken/verify.js:90:14)
at Object.module.exports [as verify] (/Users/axels18m/Desktop/Work/Testing/nest-twitter-project/node_modules/jsonwebtoken/verify.js:94:10)
这是引发错误的端点(user.controller.ts)
@Controller('user')
export class UserController
{
constructor(
private userService: UserService
) {}
@hasRoles('admin')
@UseGuards(JwtAuthGuard, RolesGuard)
@Get()
getAll(): Observable<User[]>
{
return this.userService.getAll();
}
}
- jwt-strategy.ts 文件
@Injectable()
export class JwtStrategy extends PassportStrategy(Strategy)
{
constructor(private configService: ConfigService)
{
super({
jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
ignoreExpiration: false,
secretOrKey: configService.get('JWT_SECRET')
});
}
async validator(payload: any)
{
return { 'user': payload.user , 'username': payload.username };
}
}
getAll 用户的步骤:
- 登录(returns 用作不记名令牌的 jwt 令牌)
@Post('login')
login(@Body() user: User): Observable<Object>
{
return this.userService.login(user).pipe(
map((jwt: string) => { return { access_token: jwt} })
)
}
- 添加不记名令牌并将其发送到 getAll 用户方法后(这是为了获取所有用户信息的访问权限,如果没有 barear 令牌,您将收到未经授权的 401 错误),AuthGuard 被触发并显示以上错误。我已经尝试过这个:
@UserGuards(AuthGuard('jwt'), RolesGuard)而不是@UseGuards(JwtAuthGuard, RolesGuard)
在您的 JwtStrategy 中,您有 async 方法 valdiator 而不是 validate。此方法 需要 为 validate 以便 @nestjs/passport 将方法正确发送至 passport