久久久久久久av_日韩在线中文_看一级毛片视频_日本精品二区_成人深夜福利视频_武道仙尊动漫在线观看

JWT 未解碼“JWT malformed";- 節(jié)點角度

JWT not decoding quot;JWT malformedquot; - Node Angular(JWT 未解碼“JWT malformed;- 節(jié)點角度)
本文介紹了JWT 未解碼“JWT malformed";- 節(jié)點角度的處理方法,對大家解決問題具有一定的參考價值,需要的朋友們下面隨著小編來一起學(xué)習(xí)吧!

問題描述

登錄后,我會向客戶端發(fā)送一個 JSON Web 令牌.我有一個自定義的 authInterceptor,它將 JSON Web 令牌發(fā)送回服務(wù)器端.

Upon logging in I send a JSON web token to the client-side. I have a custom authInterceptor which sends the JSON web token back to the server side.

當(dāng)我登錄時,一切正常.轉(zhuǎn)到不同的子頁面,效果很好.這是因為我有一個功能可以檢查 Passport 身份驗證或令牌身份驗證,并且在登錄時 Passport 身份驗證工作.

When I log in, everything works. Go to different sub-pages, works great. This is because I have a function which either checks for Passport authentication or token authentication, and upon logging in the Passport authentication works.

當(dāng)我關(guān)閉瀏覽器并返回站點時,JWT 無法解碼.當(dāng) JWT 放在 encoding 函數(shù)下方時,它可以解碼.我已經(jīng)嘗試了 jwt-simple 節(jié)點模塊和 jsonwebtoken 節(jié)點模塊,但我返回了同樣的錯誤.

When I close the browser and return to the site, the JWT cannot decode. The JWT can decode when it is placed just under the encoding function. I have tried both the jwt-simple node module and the jsonwebtoken node modules, and I come back with the same error.

這是我的自定義函數(shù),用于檢查有效令牌:

This is my custom function which checks for a valid token:

function checkAuthentication(req, res, next){
  if (!req.headers.authorization) {
     return res.status(401).send({ message: 'Please make sure your request has an Authorization header' });
  }
  console.log("Here");
  var token = req.headers.authorization.split('.')[1];
  console.log(token);
  console.log(config.secret);
  var payload = null;
  try {
    console.log("And here....");
    payload = jwt.decode(token, config.secret);
    console.log(payload);
  }
  catch (err) {
    console.log(err);
    return false;
  }

  if (payload.exp <= moment().unix()) {
    return false;
  }
  req.user = payload.sub;
  return true;
}

jwt-simple 使用 jwt.encode()jwt.decode,jsonwebtoken 使用 jwt.sign()jwt.verify().這是我在控制臺中得到的:

jwt-simple uses jwt.encode() and jwt.decode, and jsonwebtoken uses jwt.sign() and jwt.verify(). This is what I get in my console:

Here
eyJzdWIiOiI1NmEyZDk3MWQwZDg2OThhMTYwYTBkM2QiLCJleHAiOjE0NTYxOTEyNzQsImlhdCI6MTQ1NTMyNzI3NH0
VerySecretPhrase
And here....
{ [JsonWebTokenError: jwt malformed] name: 'JsonWebTokenError', message: 'jwt malformed' } 

這是客戶端的 authInterceptor.我收集令牌并將其設(shè)置在請求標頭中:

This is the authInterceptor on the client-side. I collect the token and set it in the request header:

app.factory('httpInterceptor', function($q, $store, $window) {
return {
    request: function (config){
        config.headers = config.headers || {};
        if($store.get('token')){
            var token = config.headers.Authorization = 'Bearer ' + $store.get('token');
        }
        return config;
    },
    responseError: function(response){
        if(response.status === 401 || response.status === 403) {
            $window.location.href = "http://localhost:3000/login";
        }
        return $q.reject(response);
    }
};
});

推薦答案

很高興你明白了!對于后人來說,問題如下:JWT 由三個組件組成:標頭、有效負載和簽名(可以在這篇 toptal 帖子中找到一個很好、徹底的解釋),所以當(dāng)你拆分JWT 到帶有 var token = req.headers.authorization.split('.') 的組件中,您分配給 token 的值僅指有效負載,而不是完整的智威湯遜.

Glad you got it figured out! The problem, for posterity, was the following: A JWT consists of three components, a header, the payload, and the signature (a good, thorough explanation can be found in this toptal post), so when you were splitting the JWT into components with var token = req.headers.authorization.split('.'), the value you were assigning to token referred to the payload only, rather than the full JWT.

因為 jwt-simple 解碼方法需要完整的令牌,而您只給它提供了要評估的有效負載,所以您的代碼觸發(fā)了jwt malformed"錯誤.在您的情況下,由于您在 Authorization 標頭中使用 Bearer 在令牌之前,您可以使用 var token = req.headers.authorization.split(' ') 取而代之.

Because the jwt-simple decode method expects the full token and you were only giving it the payload to assess, your code was triggering the 'jwt malformed' error. In your case, since you preceded the token with Bearer in your Authorization header, you could grab the full token with var token = req.headers.authorization.split(' ') instead.

這篇關(guān)于JWT 未解碼“JWT malformed";- 節(jié)點角度的文章就介紹到這了,希望我們推薦的答案對大家有所幫助,也希望大家多多支持html5模板網(wǎng)!

【網(wǎng)站聲明】本站部分內(nèi)容來源于互聯(lián)網(wǎng),旨在幫助大家更快的解決問題,如果有圖片或者內(nèi)容侵犯了您的權(quán)益,請聯(lián)系我們刪除處理,感謝您的支持!

相關(guān)文檔推薦

Is Math.random() cryptographically secure?(Math.random() 在密碼學(xué)上是安全的嗎?)
Secure random numbers in javascript?(在javascript中保護隨機數(shù)?)
How to avoid multiple token refresh requests when making simultaneous API requests with an expired token(使用過期令牌發(fā)出同時 API 請求時如何避免多個令牌刷新請求)
How to invalidate a JWT token with no expiry time(如何使沒有到期時間的 JWT 令牌無效)
Authorization header in img src link(img src 鏈接中的授權(quán)標頭)
How to implement auto refresh in client side(vue.js)?(如何在客戶端(vue.js)實現(xiàn)自動刷新?)
主站蜘蛛池模板: 精品国产一二三区 | av黄色在线 | 久久精品视频网站 | 国产激情久久久 | 国产精品福利视频 | 色影视 | 人人看人人干 | 国产视频www | 四虎四虎 | 欧美日韩国产中文字幕 | 日本欧美精品 | 亚洲免费观看 | 久久免费国产 | 国产精品午夜视频 | 国产成人一区二区 | 成人在线黄色 | 亚洲综合精品 | www.欧美在线 | 91精品网站| 久久精品视频99 | 9.1成人看片免费版 国产草草影院 | 亚洲一区欧美 | 日本黄色一级视频 | 久久久综合网 | 日韩欧美小视频 | 亚洲免费精品视频 | 日韩不卡一区二区 | 亚洲黄色网址 | 亚洲精品一区二区三区在线观看 | www.日韩在线 | 一级片aa| 亚洲黄色在线 | 欧美一区视频 | 一级片在线播放 | 一级片免费视频 | 成人在线不卡 | 久久精品福利视频 | 九九精品国产 | 日韩成人在线播放 | 久久久在线视频 | 日韩和的一区二区 |