验证 jwt 令牌后,应用程序崩溃
App crashes, after the verification of jwt token
首先,我在post请求中添加了token,然后它成功给出了“Email verified”的响应消息。
Click here: to see response message
但是,用户的jwt token验证通过后,突然app崩溃并抛出错误:
node:internal/process/promises:246
triggerUncaughtException(err, true /* fromPromise */);
^
Error [ERR_HTTP_HEADERS_SENT]: Cannot set headers after they are sent to the client
at new NodeError (node:internal/errors:363:5)
at ServerResponse.setHeader (node:_http_outgoing:574:11)
at ServerResponse.header (E:\WEB_DEV\frontend2\backend\node_modules\express\lib\response.js:771:10)
at ServerResponse.send (E:\WEB_DEV\frontend2\backend\node_modules\express\lib\response.js:170:12)
at ServerResponse.json (E:\WEB_DEV\frontend2\backend\node_modules\express\lib\response.js:267:15)
at E:\WEB_DEV\frontend2\backend\middleware\authMiddleware.js:28:37
at processTicksAndRejections (node:internal/process/task_queues:96:5) {
code: 'ERR_HTTP_HEADERS_SENT'
}
[nodemon] app crashed - waiting for file changes before starting...
这里是令牌验证码:
const jwt = require('jsonwebtoken');
const client = require('../configs/database');
exports.verifyToken = (req, res) => {
const token = req.headers.authorization;
jwt.verify(token, process.env.SECRET_KEY, (err, decoded) => {
if (err) {
res.status(500).json({
error: "Server error found"
})
}
console.log(decoded.email);
const userEmail = decoded.email;
client.query(`SELECT * FROM login WHERE email = '${userEmail}'`)
.then((data) => {
// console.log(data);
if (data.rows.length == 0) {
res.status(404).send("Token not verified");
}
else {
req.email = userEmail;
res.status(200).send("Email verified");
next(); //problem occurs here**
}
})
.catch((err) => {
if (err) {
res.status(500).json({
message: "Database error occurred",
error: err,
})
}
})
})
}
应用程序崩溃的原因,没有显示“中间件正在工作”。
const express = require('express')
const router = express.Router();
const { verifyToken } = require('../middleware/authMiddleware');
// const { addProducts } = require('../controllers/products');
router.post("/add", verifyToken, (req, res) => {
res.send("Middleware working");
})
您不应在发送回复后使用 next()。
所以这里的解决方案是在验证令牌时使用 next()。所以你的 req, res 继续到 /add 路线。
如果令牌无效,您将像现在一样发送响应。
所以只需删除 res.status(200).send("Email verified");
首先,我在post请求中添加了token,然后它成功给出了“Email verified”的响应消息。
Click here: to see response message
但是,用户的jwt token验证通过后,突然app崩溃并抛出错误:
node:internal/process/promises:246
triggerUncaughtException(err, true /* fromPromise */);
^
Error [ERR_HTTP_HEADERS_SENT]: Cannot set headers after they are sent to the client
at new NodeError (node:internal/errors:363:5)
at ServerResponse.setHeader (node:_http_outgoing:574:11)
at ServerResponse.header (E:\WEB_DEV\frontend2\backend\node_modules\express\lib\response.js:771:10)
at ServerResponse.send (E:\WEB_DEV\frontend2\backend\node_modules\express\lib\response.js:170:12)
at ServerResponse.json (E:\WEB_DEV\frontend2\backend\node_modules\express\lib\response.js:267:15)
at E:\WEB_DEV\frontend2\backend\middleware\authMiddleware.js:28:37
at processTicksAndRejections (node:internal/process/task_queues:96:5) {
code: 'ERR_HTTP_HEADERS_SENT'
}
[nodemon] app crashed - waiting for file changes before starting...
这里是令牌验证码:
const jwt = require('jsonwebtoken');
const client = require('../configs/database');
exports.verifyToken = (req, res) => {
const token = req.headers.authorization;
jwt.verify(token, process.env.SECRET_KEY, (err, decoded) => {
if (err) {
res.status(500).json({
error: "Server error found"
})
}
console.log(decoded.email);
const userEmail = decoded.email;
client.query(`SELECT * FROM login WHERE email = '${userEmail}'`)
.then((data) => {
// console.log(data);
if (data.rows.length == 0) {
res.status(404).send("Token not verified");
}
else {
req.email = userEmail;
res.status(200).send("Email verified");
next(); //problem occurs here**
}
})
.catch((err) => {
if (err) {
res.status(500).json({
message: "Database error occurred",
error: err,
})
}
})
})
}
应用程序崩溃的原因,没有显示“中间件正在工作”。
const express = require('express')
const router = express.Router();
const { verifyToken } = require('../middleware/authMiddleware');
// const { addProducts } = require('../controllers/products');
router.post("/add", verifyToken, (req, res) => {
res.send("Middleware working");
})
您不应在发送回复后使用 next()。
所以这里的解决方案是在验证令牌时使用 next()。所以你的 req, res 继续到 /add 路线。
如果令牌无效,您将像现在一样发送响应。
所以只需删除 res.status(200).send("Email verified");