没有从 JWT 的有效载荷中获取所有字段
not getting all the fields from payload of JWT
我已经创建了一个 MEAN 堆栈网络应用程序,它具有登录注销 option.for 用户登录我已经使用了 jsonwebtoken npm 包。
这里的主要问题是当用户登录 JWT 时创建并且在该令牌的有效负载中包含用户名、电子邮件和全名但是在解码令牌时我只得到用户名和电子邮件字段
这里是jwt.sign函数-
var token=jwt.sign({userid:user.username,email:user.email,fullname:user.fullname},secret,{expiresIn:'24h'});
这里jwt.verify方法-
jwt.verify(token,secret,function(err,decoded){
if(err){
res.json({success:false,message:"invalid token"});
} else {
req.decoded=decoded;
next();
}
})
令牌示例-
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyaWQiOiJuaXRpbi5zYWNoZGV2IiwiZW1haWwiOiJuaXRpbi5zYWNoZGV2QGVtYWlsLmNvbSIsImlhdCI6MTQ4NDU1ODAxMiwiZXhwIjoxNDg0NjQ0NDEyfQ.fWogT-aHJY4Xyc8Ebm4OXPkWD3poaWG3IAAf9VS-q58
令牌已解码-
{
"userid": "nitin.sachdev",
"email": "nitin.sachdev@email.com",
"iat": 1484558012,
"exp": 1484644412
}
用户架构-
var UserSchema=new Schema({
fullname:String,
username:{type:String,lowercase:true,required:true,unique:true},
password:{type:String,required:true},
email:{type:String,required:true,lowercase:true,unique:true},
contactno:Number,
orgname:String
});
我发现了错误,我忘记在“.select()'method while using '.findOne()”方法中输入全名作为参数来查找用户。
这里是修改后的代码-
//mistake was actually here
User.findOne({username:req.body.username}).select('email username password fullname').exec(function(err,user){
//if(err) throw err;
if(!req.body.password||!req.body.username)
{
res.json({success:false,mesage:"please enter all the fields"});
}
else
{
if(!user){
res.json({success:false,message:"couldnt find the user"});
}
else if(user)
{
if(!req.body.password)
res.json({success:false,mesage:"please enter password"});
var validPassword=user.comparePassword(req.body.password);
if(validPassword){
//jwt.sign ismethod to create JWT. 1st par is object containing data that token will contain.
console.log(user.fullname);
var token=jwt.sign({userid:user.username,email:user.email,fullname:user.orgname},secret,{expiresIn:'24h'});
res.json({success:true,message:"loggedin Successfully",token: token});
}
else
{
res.json({success:false,message:"wrong password"});
}
}
}
});
我已经创建了一个 MEAN 堆栈网络应用程序,它具有登录注销 option.for 用户登录我已经使用了 jsonwebtoken npm 包。 这里的主要问题是当用户登录 JWT 时创建并且在该令牌的有效负载中包含用户名、电子邮件和全名但是在解码令牌时我只得到用户名和电子邮件字段
这里是jwt.sign函数-
var token=jwt.sign({userid:user.username,email:user.email,fullname:user.fullname},secret,{expiresIn:'24h'});
这里jwt.verify方法-
jwt.verify(token,secret,function(err,decoded){
if(err){
res.json({success:false,message:"invalid token"});
} else {
req.decoded=decoded;
next();
}
})
令牌示例-
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyaWQiOiJuaXRpbi5zYWNoZGV2IiwiZW1haWwiOiJuaXRpbi5zYWNoZGV2QGVtYWlsLmNvbSIsImlhdCI6MTQ4NDU1ODAxMiwiZXhwIjoxNDg0NjQ0NDEyfQ.fWogT-aHJY4Xyc8Ebm4OXPkWD3poaWG3IAAf9VS-q58
令牌已解码-
{
"userid": "nitin.sachdev",
"email": "nitin.sachdev@email.com",
"iat": 1484558012,
"exp": 1484644412
}
用户架构-
var UserSchema=new Schema({
fullname:String,
username:{type:String,lowercase:true,required:true,unique:true},
password:{type:String,required:true},
email:{type:String,required:true,lowercase:true,unique:true},
contactno:Number,
orgname:String
});
我发现了错误,我忘记在“.select()'method while using '.findOne()”方法中输入全名作为参数来查找用户。
这里是修改后的代码-
//mistake was actually here
User.findOne({username:req.body.username}).select('email username password fullname').exec(function(err,user){
//if(err) throw err;
if(!req.body.password||!req.body.username)
{
res.json({success:false,mesage:"please enter all the fields"});
}
else
{
if(!user){
res.json({success:false,message:"couldnt find the user"});
}
else if(user)
{
if(!req.body.password)
res.json({success:false,mesage:"please enter password"});
var validPassword=user.comparePassword(req.body.password);
if(validPassword){
//jwt.sign ismethod to create JWT. 1st par is object containing data that token will contain.
console.log(user.fullname);
var token=jwt.sign({userid:user.username,email:user.email,fullname:user.orgname},secret,{expiresIn:'24h'});
res.json({success:true,message:"loggedin Successfully",token: token});
}
else
{
res.json({success:false,message:"wrong password"});
}
}
}
});