express-jwt handling specific secret passphrase by routes

こ雲淡風輕ζ 提交于 2020-01-04 12:49:18

问题


Here is my use case.

In my express app using express-jwt module, I have 2 mains routes. I would like to secure my routes with 2 distincts passphrase.

app.use('/api/v1/admin', jwt({secret: "blabla1"}).unless({path:['/api/v1/admin/login']}));
app.use('/api/v1', jwt({secret: "blabla2"}).unless({path: ['/api/v1/login']}));

In this case, it doesn't work as I was expecting to... Is there a way to achieve this in only one express app ?

Thanks in advance for your helps guys!


回答1:


Your syntax is a little off, what you are doing above is setting the secret for the whole app. If you wanted to protect a certain route you could do something like below.

app.all('/api/v1', jwt({secret: "blabla2"}).unless({path: ['/api/v1/login']}));
app.all('/api/v1/admin', jwt({secret: "blabla1"}).unless({path:['/api/v1/admin/login']}));

The above code allows you define different secrets for a particular route. The call to app.all catches every type of HTTP call.



来源:https://stackoverflow.com/questions/28997519/express-jwt-handling-specific-secret-passphrase-by-routes

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!