下面是我的身份验证策略的配置:
var JWT_STRATEGY_CONFIG = {
jwtFromRequest: ExtractJwt.fromAuthHeaderWithScheme('MyBearer'),
secretOrKey: SECRET,
issuer : ISSUER,
audience: AUDIENCE,
passReqToCallback: false
};
我想添加第二个提取器,如果第一个解压失败,那么我想尝试第二个。为了说明我的想法,我想这样做:
var JWT_STRATEGY_CONFIG = {
jwtFromRequest: [
ExtractJwt.fromAuthHeaderWithScheme('MyBearer'),
ExtractJwt.fromUrlQueryParameter('authorization')
],
secretOrKey: SECRET,
issuer : ISSUER,
audience: AUDIENCE,
passReqToCallback: false
};
发布于 2018-08-17 15:30:22
您还可以在ExtractJwt.fromExtractors函数中传递多个提取器
var JWT_STRATEGY_CONFIG = {
secretOrKey: SECRET,
issuer : ISSUER,
audience: AUDIENCE,
passReqToCallback: false,
jwtFromRequest:ExtractJwt.fromExtractors([ExtractJwt.fromBodyField('auth_token'),ExtractJwt.fromUrlQueryParameter('auth_token')]),
};
发布于 2021-07-03 03:11:05
感谢您分享这个简单的解决方案。我在typescript中采用了你对NestJs的方法。以防万一有人在找它。
import { PassportStrategy } from '@nestjs/passport';
import { ExtractJwt, Strategy } from 'passport-jwt';
import { Inject, Injectable } from '@nestjs/common';
import { JWT_SECRET } from '../auth.constants';
/**
* Extracts the jwt from a cookie
* @param req Http Request
*/
const cookieExtractor = (req) => {
let token = null;
if (req && req.cookies) {
token = req.cookies.jwt;
}
return token;
};
@Injectable()
export class JwtStrategy extends PassportStrategy(Strategy) {
constructor(@Inject('JWT_SECRET') jwtSecret: string) {
super({
jwtFromRequest: ExtractJwt.fromExtractors([
// Take jwt from http header
ExtractJwt.fromAuthHeaderAsBearerToken(),
// Take jwt from cookie
cookieExtractor
]),
ignoreExpiration: false,
secretOrKey: jwtSecret,
});
}
async validate(payload: { sub: number, iat: number, exp: number, username: string }): Promise<{ userId: any; username: any }> {
return { userId: payload.sub, username: payload.username };
}
}
https://stackoverflow.com/questions/46942378
复制相似问题