0
我想做一些服務器端身份驗證。jwt服務器端身份驗證JsonWebTokenError
在服務器端登錄()
var jwt = require('jsonwebtoken');
....
if (user.hash != hash(pass, user.salt)) {
return invalid("Wrong password");
}
var token = jwt.sign(user, 'superSecret');
res.json({
success: true,
message: '',
auth_token: token
});
在客戶端的HTTP
createHero(hero: Hero) {
let body = JSON.stringify({ hero });
let headers = new Headers({ 'Content-Type': 'application/json' });
let authToken = localStorage.getItem('auth_token');
headers.append('Authorization', `Bearer ${authToken}`);
let options = new RequestOptions({ headers: headers });
this.http.post(`${this._baseUrl}create/`, body, options)
.map(response => response.json())
.subscribe(data => {
this._dataStore.heroes.push(data);
this._dataStore.hero = data;
this._heroObserver.next(this._dataStore.hero);
},
error => this.handleError('Could not create hero.')
);
}
在服務器端驗證
var token = req.headers.authorization;
var h = req.headers;
// decode token
if (token) {
// verifies secret and checks exp
aaa = jwt.verify(token, 'superSecret', function(err, decoded) {
console.log(decoded);
if (err) {
return res.json({ success: false, message: 'Failed to authenticate token on API server.' });
} else {
// if everything is good, save to request for use in other routes
req.decoded = decoded;
next();
}
});
console.log(aaa);
} else {
// if there is no token return an error
return res.status(403).send({
success: false,
message: 'No token provided.'
});
}
我得到了正確的令牌後面的服務器上。授權:「承載.....」
但它無法驗證。我得到了JsonWebTokenError無效的令牌。
任何人都可以指出我錯過了什麼嗎?