如何解决loopback4 jwt 身份验证问题
每当我使用 /login 或 /signup api 端点时,我都会遇到验证 jwt 令牌的问题。 这是我的用户控制器:
import {authenticate,TokenService} from '@loopback/authentication';
import {
Credentials,MyUserService,TokenServiceBindings,User,UserRepository,UserServiceBindings
} from '@loopback/authentication-jwt';
import {inject} from '@loopback/core';
import {
repository
} from '@loopback/repository';
import {
get,getModelSchemaRef,post,requestBody
} from '@loopback/rest';
import {SecurityBindings,securityId,UserProfile} from '@loopback/security';
import {genSalt,hash} from 'bcryptjs';
import _ from 'lodash';
import {Users} from '../models';
const CredentialsRequestBody = {
description: 'Input of login function',required: true,content: {
'application/json': {schema: Users}
}
}
export class UserController {
constructor(
@inject(TokenServiceBindings.TOKEN_SERVICE) public jwtService: TokenService,@inject(UserServiceBindings.USER_SERVICE) public userService: MyUserService,@inject(SecurityBindings.USER,{optional: true}) public user: UserProfile,@repository(UserServiceBindings.USER_REPOSITORY) protected userRepository: UserRepository,) { }
@post('/login',{
responses: {
'200': {
description: 'Token',content: {
'application/json': {
schema: {
type: 'object',properties: {
token: {
type: 'string'
}
}
}
}
}
}
}
})
async login(
@requestBody(CredentialsRequestBody) creditionals: Credentials
): Promise<{token: string}> {
console.log('hekkkkk')
const user = await this.userService.verifyCredentials(creditionals);
console.log('kayyy',user)
const userProfile = this.userService.convertToUserProfile(user);
console.log('break')
const token = await this.jwtService.generateToken(userProfile);
console.log('break 1')
return {token};
}
@authenticate('jwt')
@get('/whoami',{
responses: {
'200': {
description: '',schema: {
type: 'string'
}
}
}
})
async whoAmI(
@inject(SecurityBindings.USER) currentUserProfile: UserProfile
): Promise<string> {
console.log('here')
return currentUserProfile[securityId];
}
@post('/signup',{
responses: {
'200': {
description: 'User',content: {
'application/json': {
schema: {
'x-ts-type': User
}
}
}
}
}
})
async signUp(
@requestBody({
content: {
'application/json': {
schema: getModelSchemaRef(Users,{
title: 'NewUser'
})
}
}
})
newUserRequest: Users
): Promise<User> {
const password = await hash(newUserRequest.password,await genSalt());
const savedUser = await this.userRepository.create(
_.omit(newUserRequest,'password')
);
console.log('break 1')
await this.userRepository.userCredentials(savedUser.id).create({password});
console.log('break 2')
return savedUser;
}
}
这是我的 sequence.ts 文件:
import {
AuthenticateFn,AuthenticationBindings,AUTHENTICATION_STRATEGY_NOT_FOUND,USER_PROFILE_NOT_FOUND
} from '@loopback/authentication';
import {
Context
} from '@loopback/context';
import {inject} from '@loopback/core';
// import {MiddlewareSequence} from '@loopback/rest';
import {
FindRoute,InvokeMethod,ParseParams,Reject,RequestContext,RestBindings,Send,SequenceActions,SequenceHandler
} from '@loopback/rest';
// export class MySequence extends MiddlewareSequence { }
export class MySequence implements SequenceHandler {
constructor(
@inject(RestBindings.Http.CONTEXT) public ctx: Context,@inject(SequenceActions.FIND_ROUTE) protected findRoute: FindRoute,@inject(SequenceActions.PARSE_PARAMS) protected parseParams: ParseParams,@inject(SequenceActions.INVOKE_METHOD) protected invoke: InvokeMethod,@inject(SequenceActions.SEND) public send: Send,@inject(SequenceActions.REJECT) public reject: Reject,@inject(AuthenticationBindings.AUTH_ACTION)
protected authenticateRequest: AuthenticateFn
) { }
async handle(context: RequestContext) {
try {
const {request,response} = context;
const route = this.findRoute(request);
console.log('jau',route)
await this.authenticateRequest(request);
const args = await this.parseParams(request,route);
console.log('kel',args,response,await this.invoke(route,args))
const result = await this.invoke(route,args);
console.log('pop',result,response)
this.send(response,result);
console.log('done1')
}
catch (err) {
console.log('may',err.code)
if (
err.code === AUTHENTICATION_STRATEGY_NOT_FOUND ||
err.code === USER_PROFILE_NOT_FOUND
) {
Object.assign(err,{statusCode: 401});
}
this.reject(context,err)
console.log('done2')
}
}
}
Incase 如果你想知道数据库。我已经连接到 mongodb 并且没有连接问题。
我收到 statusCode 500 和如下问题:
Request POST /login failed with status code 500. ResolutionError: The key 'repositories.repositories.UserRepository' is not bound to any value in context RequestContext-nP8Bsm4XRqSs9_f7D1VuEQ-3 (context: RequestContext-nP8Bsm4XRqSs9_f7D1VuEQ-3,binding: repositories.repositories.UserRepository,resolutionPath: controllers.UserController --> @UserController.constructor[3])
如果您需要访问整个代码库,请查看: https://github.com/compressionmonkey/dummyloopbackserver
我已经用谷歌搜索这个问题一个星期了(我看了多个教程,包括来自 IBM 的教程,并对照 IBM github 代码库进行了交叉检查)所以最后我在 stackoverflow 上问了这个问题。
感谢建设性的反馈。谢谢!
解决方法
以下更改有助于解决问题:
更改 user.controller.ts 中的这一行:
@repository(UserServiceBindings.USER_REPOSITORY) protected userRepository: UserRepository,到
@repository(UserRepository) protected userRepository: UserRepository,问题原因:
UserServiceBindings.USER_REPOSITORY 正在运行时转换为 repositories.repositories.UserRepository,然后应用程序尝试使用它查找存储库。由于存储库实际上存在于应用上下文中,键为 repositories.UserRepository,因此无法找到存储库并因此引发异常。
以下调试屏幕图像可以帮助更好地理解它,请检查:
Check VSCode debug screenshot by clicking here
在图片中,我稍微修改了代码以实时展示问题:
- Point 1 显示了预期的代码行。
- Point 2 使用
isBound方法检查密钥是否绑定到应用上下文中的某些内容。 -
3 点显示了
isBound方法对两个绑定键的布尔结果。
希望答案对您有所帮助。
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。