0
我使用JWT's
进行用户登录身份验证,但是当我想要在/auth
路由上进行POST时,我总是遇到以下错误。节点JS类型错误:秘密必须是字符串或缓冲区
(node:3385) UnhandledPromiseRejectionWarning: Unhandled promise rejection (rejection id: 1): TypeError: secret must be a string or buffer
(node:3385) DeprecationWarning: Unhandled promise rejections are deprecated. In the future, promise rejections that are not handled will terminate the Node.js process with a non-zero exit code.
这里是我的代码
app.post('/auth', function (req, res, next) {
var username = req.body.username;
var password = req.body.password;
User.findOne({
where: {username: username}
}).then(function (user) {
if(user){
bcrypt.compare(req.body.password, user.password).then(function (passcheck) {
if(passcheck){
var jwtUser = {
username: user.username,
name: user.name,
score: user.score,
accesslevel: "all"
};
var token = jwt.sign(jwtUser, app.get('superSecretString'), {
expiresIn: 1440 //expires in 24 hours
});
//callback(token);
res.json({
success: true,
message: 'Here´s your token.',
token: token
});
/*
var resp = {success: true, message: 'Heres your token.', token: token};
response.write(JSON.stringify(resp));
*/
}else{
res.status(401).json({
success: false,
message: 'Authentification failed. Password or Username wrong'
});
}
});
}else{
res.status(401).json({
success: false,
message: 'Authentification failed.'
});
}
}).catch(next);
});
感谢答案。
林想你需要传递到jwt.sign正确的参数。我会从这个app.get('superSecretString')开始检查错误。 –
@MykolaBorysyuk thx,我在config.js中忘记了“module.exports”这个“s” – pache