.env
配置。它可以生成令牌,但是在尝试访问受保护的URL(带有授权头)时,只会返回未经授权的消息。
jwt.strategy.ts
import { Injectable, UnauthorizedException, Logger } from '@nestjs/common';
import { PassportStrategy } from '@nestjs/passport';
import { ExtractJwt, Strategy } from 'passport-jwt';
import { AuthService } from './auth.service';
import { JwtPayload } from './interfaces/jwt-payload.interface';
@Injectable()
export class JwtStrategy extends PassportStrategy(Strategy) {
constructor(private readonly authService: AuthService) {
super({
jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
secretOrKey: process.env.JWT_SECRET_KEY,
});
}
async validate(payload: JwtPayload) {
const user = await this.authService.validateUser(payload);
if (!user) {
throw new UnauthorizedException();
}
return user;
}
}
auth.module.ts
import { Module } from '@nestjs/common';
import { AuthService } from './auth.service';
import { AuthController } from './auth.controller';
import { PassportModule } from '@nestjs/passport';
import { JwtModule } from '@nestjs/jwt';
import { JwtStrategy } from './jwt.strategy';
@Module({
imports: [
PassportModule.register({ defaultStrategy: 'jwt' }),
JwtModule.registerAsync({
useFactory: async () => ({
secretOrPrivateKey: process.env.JWT_SECRET_KEY,
signOptions: {
expiresIn: process.env.JWT_EXPIRATION_TIME,
},
}),
}),
],
providers: [AuthService, JwtStrategy],
controllers: [AuthController],
})
export class AuthModule {}
main.ts
import { NestFactory } from '@nestjs/core';
import * as dotenv from 'dotenv';
import { ApiModule } from './api/api.module';
import { Logger } from '@nestjs/common';
async function bootstrap() {
dotenv.config({ path: './.env'});
const app = await NestFactory.create(ApiModule);
const port = process.env.APP_PORT;
await app.listen(port);
Logger.log(`Server started on http://localhost:${port}`);
}
bootstrap();
看起来JwtModule.registerAsync
与环境变量不兼容。我尝试了很多方法,但它总是失败。
如果我在auth.module.ts
中更改环境变量以使用静态数据,则可以正常工作。
像这样:
secretOrPrivateKey: 'secretKey',
signOptions: {
expiresIn: 3600,
},
更新 项目结构
- src
- api
- auth
- interfaces
jwt-payload.interface.ts
auth.controller.ts
auth.module.ts
auth.service.ts
jwt.strategy.ts
index.ts
api.module.ts
index.ts
main.ts
- test
.env
现在我的main.ts看起来像这样。
import { NestFactory } from '@nestjs/core';
import * as dotenv from 'dotenv';
import { resolve } from 'path';
import { ApiModule } from './api/api.module';
import { Logger } from '@nestjs/common';
async function bootstrap() {
dotenv.config({ path: resolve(__dirname, '../.env') });
const app = await NestFactory.create(ApiModule);
const port = process.env.APP_PORT;
await app.listen(port);
Logger.log(`Server started on http://localhost:${port}`);
}
bootstrap();
你看到我的.env
文件在项目的根目录下。