NodeJS - Passport-JWT，如何设置多个提取器？

Question

这是我的身份验证策略的配置：

var JWT_STRATEGY_CONFIG = {
  jwtFromRequest: ExtractJwt.fromAuthHeaderWithScheme('MyBearer'),
  secretOrKey: SECRET,
  issuer : ISSUER,
  audience: AUDIENCE,
  passReqToCallback: false
};

我想添加第二个提取器，如果第一个失败，那么我想尝试第二个。为了说明我的想法，这是我想做的：

var JWT_STRATEGY_CONFIG = {
  jwtFromRequest: [
    ExtractJwt.fromAuthHeaderWithScheme('MyBearer'),
    ExtractJwt.fromUrlQueryParameter('authorization')
  ],
  secretOrKey: SECRET,
  issuer : ISSUER,
  audience: AUDIENCE,
  passReqToCallback: false
};

Answer 1

您还可以在 ExtractJwt.fromExtractors 函数中传递多个提取器

     var JWT_STRATEGY_CONFIG = {   
      secretOrKey: SECRET,   
      issuer : ISSUER,    
      audience: AUDIENCE,    
      passReqToCallback: false,
     jwtFromRequest:ExtractJwt.fromExtractors([ExtractJwt.fromBodyField('auth_token'),ExtractJwt.fromUrlQueryParameter('auth_token')]),

};

Answer 2

开个玩笑！ 我刚刚意识到我可以轻松创建my own extractor！

var cookieExtractor = function(req) {
    var token = null;
    if (req && req.cookies)
    {
        token = req.cookies['jwt'];
    }
    return token;
};

问题已解决！

编辑：如果您的情况与我的情况相同，这是我制作的代码：

var TokenExtractor = function(req){
  var token = null;

  if ((req.headers && req.headers.authorization) || (req.query && req.query.authorization)) {
    if (req.headers.authorization)
      var parts = req.headers.authorization.split(' ');
    else if (req.query.authorization)
      var parts = req.query.authorization.split(' ');

    if (parts.length == 2) {
      var scheme = parts[0],
        credentials = parts[1];

      if (/^MyBearer$/i.test(scheme)) { //<-- replace MyBearer by your own.
        token = credentials;
      }
    }
  } else if (req.param('token')) {
    token = req.param('token');
    delete req.query.token;
  }

  return token;
}

var JWT_STRATEGY_CONFIG = {
  jwtFromRequest: TokenExtractor,
  secretOrKey: SECRET,
  issuer : ISSUER,
  audience: AUDIENCE,
  passReqToCallback: false
};

此代码的部分灵感来自您可以找到的 here。

Answer 3

感谢分享这个简单的解决方案。我在打字稿中采用了您对 NestJs 的方法。以防万一有人寻找。

import { PassportStrategy } from '@nestjs/passport';
import { ExtractJwt, Strategy } from 'passport-jwt';
import { Inject, Injectable } from '@nestjs/common';
import { JWT_SECRET } from '../auth.constants';

/**
 * Extracts the jwt from a cookie
 * @param req Http Request
 */
const cookieExtractor = (req) => {
  let token = null;
  if (req && req.cookies) {
    token = req.cookies.jwt;
  }
  return token;
};

@Injectable()
export class JwtStrategy extends PassportStrategy(Strategy) {

  constructor(@Inject('JWT_SECRET') jwtSecret: string) {
    super({
      jwtFromRequest: ExtractJwt.fromExtractors([
        // Take jwt from http header
        ExtractJwt.fromAuthHeaderAsBearerToken(),
        // Take jwt from cookie
        cookieExtractor
      ]),
      ignoreExpiration: false,
      secretOrKey: jwtSecret,
    });
  }

  async validate(payload: { sub: number, iat: number, exp: number, username: string }): Promise<{ userId: any; username: any }> {
    return { userId: payload.sub, username: payload.username };
  }
}