这是我的 auth.mjs 代码:
import jwt from 'jsonwebtoken';
export function generateToken(userInfo){
if(!userInfo) {
return null;
}
const payload = { username: userInfo.username, exp: Math.floor(Date.now() / 1000) + 30};
const secret = Buffer.from(process.env.JWT_SECRET).toString('base64');
return jwt.sign(payload, secret, {algorithm: 'HS512'});
}
export async function verifyTokens(username, token) {
console.error("Still inside verifyTokens");
try{
console.error('Inside verifyToken');
const response = await new Promise((resolve, reject) => {
jwt.verify(token, Buffer.from(process.env.JWT_SECRET.toString('base64'), {algorithm: 'HS512'}, (err, decoded) => {
if (err) {
reject (err);
} else {
resolve(decoded);
}
})
)})
if (response.username !== username) {
console.error('response.username !== username');
return {
verified: false,
message: 'invalid user'
}
}
console.error('response.username === username');
return {
verified: true,
message: 'verified'
}
} catch (error) {
console.error('Verified Tokens Error: ' + error);
throw {
verified: false,
message: 'invalid token'
}
}
}
export default generateToken;
这是我的 verify.mjs 代码:
import buildResponse from '../utils/util.mjs';
import verifyTokens from '../utils/auth.mjs';
export async function verify(requestBody) {
if(!requestBody.user || !requestBody.user.username || !requestBody.token) {
return buildResponse(401, {
verified: false,
message: 'incorrect request body'
})
}
const user = requestBody.user;
const token = requestBody.token;
try {
console.error("Verifying this token=" + token);
console.error("Verifying this user.username=" + user.username);
const verification = await verifyTokens(user.username, token);
console.error('Are we verified? verification.verified=', verification.verified);
if(!verification.verified) {
console.error("We are NOT verified! verification.verified=", verification.verified)
return await buildResponse(401, verification);
}
}
catch (error) {
console.error("Error: ", error);
}
return buildResponse(200, {
verified: true,
message: 'success',
user: user,
token: token
})
}
export default verify;
日志文件显示我进入了“验证此 token ”和“验证此 user.username”,但日志文件从未显示“仍在 verifyTokens 内”,因此我认为它没有调用此行。
const verification = await verifyTokens(user.username, token);
最佳答案
说明:
根据 MSN docs :
Every module can have two different types of export, named export and default export. You can have multiple named exports per module but only one default export.
您已使用 Export Declarations 在 auth.mjs 中导出多个命名导出,例如 generateToken 和 verifyTokens当您使用此语法时:
export function generateToken(userInfo){
//...
}
export async function verifyTokens(username, token) {
//...
}
这意味着使用 export defualt 语法可能会令人困惑,就像您在同一文件中所做的那样:
export default generateToken;
通常,当您想要 export a single variable, function or class 时,可以使用 export defualt 。代码中的链式 react 意味着当您执行此操作时:
import verifyTokens from '../utils/auth.mjs';
您刚刚创建的 verifyTokens 变量现在实际上指向 generateToken 函数,因为您现在正在导入 default (这是 >生成 token )。理解这一点很重要,因为当您尝试在此处执行 verifyTokens() 时:
const verification = await verifyTokens(user.username, token);
console.error('Are we verified? verification.verified=', verification.verified);
实际发生的事情是这样的:
const verification = await generateToken(user.username, token); //< token was ignored becuase generateToken only takes one parameter
console.error('Are we verified? verification.verified=', verification.verified); //< verification.verified is undefined
解决方案:
只需使用大括号将 verifyTokens 导入为命名导出之一,如下所示:
import { verifyTokens } from '../utils/auth.mjs';
关于node.js - 为什么这个 verifyToken 函数永远不会被调用?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/77338424/