jsonwebtoken 中的有效负载错误

2022-01-10 00:00:00 jwt node.js javascript angular passport.js

我正在使用 nodejs 和 angular cli 制作一个 Web 应用程序我正在使用 JWT 来验证我的登录功能.但是当我处理它时抛出了这个错误

I am making a web application using nodejs and angular cli I'm using JWT to authenticate my login function . But when I process it threw this error

错误:预期的有效负载"是一个普通对象.验证时 (D:Mean_Projectsmeanauthapp ode_modulesjsonwebtokensign.js:34:11)在 validatePayload (D:Mean_Projectsmeanauthapp ode_modulesjsonwebtokensign.js:56:10)在 Object.module.exports [作为符号] (D:Mean_Projectsmeanauthapp ode_modulesjsonwebtokensign.js:108:7)在 User.comparePassword (D:Mean_Projectsmeanauthappoutesusers.js:86:27)在 bcrypt.compare (D:Mean_Projectsmeanauthappmodelsuser.js:53:9)在 D:Mean_Projectsmeanauthapp ode_modulescryptjsdistcrypt.js:297:21在 D:Mean_Projectsmeanauthapp ode_modulescryptjsdistcrypt.js:1353:21在 Immediate.next [as _onImmediate] (D:Mean_Projectsmeanauthapp ode_modulescryptjsdistcrypt.js:1233:21)在 runCallback (timers.js:785:20)在 tryOnImmediate (timers.js:747:5)在 processImmediate [as _immediateCallback] (timers.js:718:5)

Error: Expected "payload" to be a plain object. at validate (D:Mean_Projectsmeanauthapp ode_modulesjsonwebtokensign.js:34:11) at validatePayload (D:Mean_Projectsmeanauthapp ode_modulesjsonwebtokensign.js:56:10) at Object.module.exports [as sign] (D:Mean_Projectsmeanauthapp ode_modulesjsonwebtokensign.js:108:7) at User.comparePassword (D:Mean_Projectsmeanauthappoutesusers.js:86:27) at bcrypt.compare (D:Mean_Projectsmeanauthappmodelsuser.js:53:9) at D:Mean_Projectsmeanauthapp ode_modulescryptjsdistcrypt.js:297:21 at D:Mean_Projectsmeanauthapp ode_modulescryptjsdistcrypt.js:1353:21 at Immediate.next [as _onImmediate] (D:Mean_Projectsmeanauthapp ode_modulescryptjsdistcrypt.js:1233:21) at runCallback (timers.js:785:20) at tryOnImmediate (timers.js:747:5) at processImmediate [as _immediateCallback] (timers.js:718:5)

这是我的护照代码

    const JwtStrategy= require('passport-jwt').Strategy;
    const ExtractJwt=require('passport-jwt').ExtractJwt;
    const User= require('../models/user');
    const config=require('../config/database');        
    module.exports=function(passport){
    let opts={};
    opts.jwtFromRequest=ExtractJwt.fromAuthHeader();
    opts.secretOrKey=config.secret;
    opts.issuer = 'accounts.examplesoft.com';
    opts.audience = 'yoursite.net';
    passport.use(new JwtStrategy(opts,(jwt_payload,done)=>{
        console.log(jwt_payload);
        User.getUserById(jwt_payload._doc._id,(err,user)=>{
            if(err){
                return done(err,false);
            }
            if(user){
                return done(null,user);
            }
            else{
                return done(null,false);
            }
        });
    }));
}

我的身份验证和获取配置文件代码

My code for authenticate and get profile

// Authenticate
router.post('/authenticate', (req, res, next) => {
  const username = req.body.username;
  const password = req.body.password;

  User.getUserByUsername(username, (err, user) => {
    if(err) throw err;
    if(!user){
      return res.json({success: false, msg: 'User not found'});
    }

    User.comparePassword(password, user.password, (err, isMatch) => {
      if(err) throw err;
      if(isMatch){
        const token = jwt.sign(user, config.secret, {
          expiresIn: 604800 // 1 week
        });

        res.json({
          success: true,
          token: 'JWT '+token,
          user: {
            id: user._id,
            name: user.name,
            username: user.username,
            email: user.email
          }
        });
      } else {
        return res.json({success: false, msg: 'Wrong password'});
      }
    });
  });
});

// Profile
router.get('/profile', passport.authenticate('jwt', {session:false}), (req, res, next) => {
  res.json({user: req.user});
});

推荐答案

在线失败

const token = jwt.sign(user, config.secret, {

出现错误预期有效负载"是一个普通对象"

您的 user 对象在此处初始化:

Your user object is initialized here:

User.getUserByUsername(username, (err, user)

我假设是 mongoosejs 对象,它包含许多方法并且不是可序列化的".您可以通过使用 mongoose 中的 .lean() 或普通 toJSON 方法传递一个普通对象来处理这个问题:

Which I assume is mongoosejs object, which contains many methods and is not "serializable". You could handle this by passing a plain object, by either using .lean() from mongoose or plain toJSON method:

const token = jwt.sign(user.toJSON(), config.secret, {
  expiresIn: 604800 // 1 week
});

相关文章