使用护照LocalStrategy和passport-jwt创建Web令牌,但在auth.js **** 401未经授权的****(if (!user) { return res.json(401, { error: 'message' });})如何解决此问题时,卡在用户未定义的错误上
auth.js
var express = require('express');
var router = express.Router();
var bodyParser = require('body-parser')
var LocalStrategy = require('passport-local').Strategy;
var jwt = require('jsonwebtoken');
var passport = require('passport');
/* User Model*/
var mongoose = require('mongoose');
var User = mongoose.model('User');
/* POST login. */
router.post('/login', function (req, res, next) {
passport.authenticate('local', {session: false}, (err, user, info) => {
if (err) { return next(err) }
if (!user) { return res.json(401, { error: 'message' });}
req.login(user, {session: false}, (err) => {
if (err) {
res.send(err);
}
const token = jwt.sign(user, 'your_jwt_secret');
return res.json({user, token});
});
})(req, res, next);
});
module.exports = router;
passport.js
var passport = require('passport');
/* User Model*/
var mongoose = require('mongoose');
var User = mongoose.model('User');
var localStrategy = require('passport-local').Strategy;
var passportJWT = require("passport-jwt");
var JWTStrategy = passportJWT.Strategy;
var ExtractJWT = passportJWT.ExtractJwt;
passport.use(new localStrategy(
function (email, password, cb) {
return User.findOne({email, password})
.then(user => {
if (!user) {
return cb(null, false, {message: 'Incorrect email or password.'});
}
return cb(null, user, {
message: 'Logged In Successfully'
});
})
.catch(err => {
return cb(err);
});
}
));
passport.use(new JWTStrategy({
jwtFromRequest: ExtractJWT.fromAuthHeaderAsBearerToken(),
secretOrKey : 'your_jwt_secret'
},
function (jwtPayload, cb) {
return User.findById(jwtPayload.id)
.then(user => {
return cb(null, user);
})
.catch(err => {
return cb(err);
});
}
));
假设用户是一个对象:
if (user && Object.keys(user).length) {
return res.json(401, { error: 'message' });
}