久久久久久久av_日韩在线中文_看一级毛片视频_日本精品二区_成人深夜福利视频_武道仙尊动漫在线观看

JWT 未解碼“JWT malformed";- 節點角度

JWT not decoding quot;JWT malformedquot; - Node Angular(JWT 未解碼“JWT malformed;- 節點角度)
本文介紹了JWT 未解碼“JWT malformed";- 節點角度的處理方法,對大家解決問題具有一定的參考價值,需要的朋友們下面隨著小編來一起學習吧!

問題描述

登錄后,我會向客戶端發送一個 JSON Web 令牌.我有一個自定義的 authInterceptor,它將 JSON Web 令牌發送回服務器端.

Upon logging in I send a JSON web token to the client-side. I have a custom authInterceptor which sends the JSON web token back to the server side.

當我登錄時,一切正常.轉到不同的子頁面,效果很好.這是因為我有一個功能可以檢查 Passport 身份驗證或令牌身份驗證,并且在登錄時 Passport 身份驗證工作.

When I log in, everything works. Go to different sub-pages, works great. This is because I have a function which either checks for Passport authentication or token authentication, and upon logging in the Passport authentication works.

當我關閉瀏覽器并返回站點時,JWT 無法解碼.當 JWT 放在 encoding 函數下方時,它可以解碼.我已經嘗試了 jwt-simple 節點模塊和 jsonwebtoken 節點模塊,但我返回了同樣的錯誤.

When I close the browser and return to the site, the JWT cannot decode. The JWT can decode when it is placed just under the encoding function. I have tried both the jwt-simple node module and the jsonwebtoken node modules, and I come back with the same error.

這是我的自定義函數,用于檢查有效令牌:

This is my custom function which checks for a valid token:

function checkAuthentication(req, res, next){
  if (!req.headers.authorization) {
     return res.status(401).send({ message: 'Please make sure your request has an Authorization header' });
  }
  console.log("Here");
  var token = req.headers.authorization.split('.')[1];
  console.log(token);
  console.log(config.secret);
  var payload = null;
  try {
    console.log("And here....");
    payload = jwt.decode(token, config.secret);
    console.log(payload);
  }
  catch (err) {
    console.log(err);
    return false;
  }

  if (payload.exp <= moment().unix()) {
    return false;
  }
  req.user = payload.sub;
  return true;
}

jwt-simple 使用 jwt.encode()jwt.decode,jsonwebtoken 使用 jwt.sign()jwt.verify().這是我在控制臺中得到的:

jwt-simple uses jwt.encode() and jwt.decode, and jsonwebtoken uses jwt.sign() and jwt.verify(). This is what I get in my console:

Here
eyJzdWIiOiI1NmEyZDk3MWQwZDg2OThhMTYwYTBkM2QiLCJleHAiOjE0NTYxOTEyNzQsImlhdCI6MTQ1NTMyNzI3NH0
VerySecretPhrase
And here....
{ [JsonWebTokenError: jwt malformed] name: 'JsonWebTokenError', message: 'jwt malformed' } 

這是客戶端的 authInterceptor.我收集令牌并將其設置在請求標頭中:

This is the authInterceptor on the client-side. I collect the token and set it in the request header:

app.factory('httpInterceptor', function($q, $store, $window) {
return {
    request: function (config){
        config.headers = config.headers || {};
        if($store.get('token')){
            var token = config.headers.Authorization = 'Bearer ' + $store.get('token');
        }
        return config;
    },
    responseError: function(response){
        if(response.status === 401 || response.status === 403) {
            $window.location.href = "http://localhost:3000/login";
        }
        return $q.reject(response);
    }
};
});

推薦答案

很高興你明白了!對于后人來說,問題如下:JWT 由三個組件組成:標頭、有效負載和簽名(可以在這篇 toptal 帖子中找到一個很好、徹底的解釋),所以當你拆分JWT 到帶有 var token = req.headers.authorization.split('.') 的組件中,您分配給 token 的值僅指有效負載,而不是完整的智威湯遜.

Glad you got it figured out! The problem, for posterity, was the following: A JWT consists of three components, a header, the payload, and the signature (a good, thorough explanation can be found in this toptal post), so when you were splitting the JWT into components with var token = req.headers.authorization.split('.'), the value you were assigning to token referred to the payload only, rather than the full JWT.

因為 jwt-simple 解碼方法需要完整的令牌,而您只給它提供了要評估的有效負載,所以您的代碼觸發了jwt malformed"錯誤.在您的情況下,由于您在 Authorization 標頭中使用 Bearer 在令牌之前,您可以使用 var token = req.headers.authorization.split(' ') 取而代之.

Because the jwt-simple decode method expects the full token and you were only giving it the payload to assess, your code was triggering the 'jwt malformed' error. In your case, since you preceded the token with Bearer in your Authorization header, you could grab the full token with var token = req.headers.authorization.split(' ') instead.

這篇關于JWT 未解碼“JWT malformed";- 節點角度的文章就介紹到這了,希望我們推薦的答案對大家有所幫助,也希望大家多多支持html5模板網!

【網站聲明】本站部分內容來源于互聯網,旨在幫助大家更快的解決問題,如果有圖片或者內容侵犯了您的權益,請聯系我們刪除處理,感謝您的支持!

相關文檔推薦

Is Math.random() cryptographically secure?(Math.random() 在密碼學上是安全的嗎?)
Secure random numbers in javascript?(在javascript中保護隨機數?)
How to avoid multiple token refresh requests when making simultaneous API requests with an expired token(使用過期令牌發出同時 API 請求時如何避免多個令牌刷新請求)
How to invalidate a JWT token with no expiry time(如何使沒有到期時間的 JWT 令牌無效)
Authorization header in img src link(img src 鏈接中的授權標頭)
How to implement auto refresh in client side(vue.js)?(如何在客戶端(vue.js)實現自動刷新?)
主站蜘蛛池模板: 午夜视频精品 | 丁香五月网久久综合 | 特黄视频 | 国产综合精品一区二区三区 | 国产一区二区影院 | 亚洲+变态+欧美+另类+精品 | 亚洲精选久久 | 日韩欧美在线一区二区 | 看亚洲a级一级毛片 | 日韩在线免费视频 | 一区二区三区高清 | 久久青草av | 草久久| 国产精品99久久久久久大便 | 日日综合 | 久久久久国产精品一区三寸 | 欧美九九 | 欧美性生活免费 | 国产成人a亚洲精品 | 精品视频一二区 | 国产精品福利在线 | 国产精品一区二区三 | 精品久久久久久亚洲国产800 | 亚洲在线一区 | 成年无码av片在线 | 亚洲精品在线免费 | 一区二区三区在线免费观看 | 国产成人99久久亚洲综合精品 | 水蜜桃亚洲一二三四在线 | 久久久精| 黑色丝袜三级在线播放 | 亚洲天堂一区 | 一区二区三区四区电影视频在线观看 | 欧美成年人 | 91偷拍精品一区二区三区 | 日韩精品一区二区三区四区 | 中文字幕日本一区二区 | 久国产| www,黄色,com| 久久久久久高潮国产精品视 | 日韩欧美在线视频 |