我使用 JWT 进行用户登录身份验证,但当我想在 /auth 路由上进行 POST 时,我总是收到以下错误。
(node:3385) UnhandledPromiseRejectionWarning: Unhandled promise rejection (rejection id: 1): TypeError: secret must be a string or buffer
(node:3385) DeprecationWarning: Unhandled promise rejections are deprecated. In the future, promise rejections that are not handled will terminate the Node.js process with a non-zero exit code.
这是我的代码
app.post('/auth', function (req, res, next) {
var username = req.body.username;
var password = req.body.password;
User.findOne({
where: {username: username}
}).then(function (user) {
if(user){
bcrypt.compare(req.body.password, user.password).then(function (passcheck) {
if(passcheck){
var jwtUser = {
username: user.username,
name: user.name,
score: user.score,
accesslevel: "all"
};
var token = jwt.sign(jwtUser, app.get('superSecretString'), {
expiresIn: 1440 //expires in 24 hours
});
//callback(token);
res.json({
success: true,
message: 'Here´s your token.',
token: token
});
/*
var resp = {success: true, message: 'Heres your token.', token: token};
response.write(JSON.stringify(resp));
*/
}else{
res.status(401).json({
success: false,
message: 'Authentification failed. Password or Username wrong'
});
}
});
}else{
res.status(401).json({
success: false,
message: 'Authentification failed.'
});
}
}).catch(next);
});
感谢您的回答。
最佳答案
问题是您没有在配置文件中声明 secret 。 你可以用另一种方式做到这一点
const token = jwt.sign(user, '123456', {
expiresIn: 60 * 24 // expires in 24 hours
});
删除 app.get('superSecretString') 并添加 '123456'
关于node.js - Node JS 类型错误 : Secret must be a string or buffer,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/44133496/