我正在学习 Swagger,Express.js 和 JWT 这些教程网站。 https://scotch.io/tutorials/speed-up-your-restful-api-development-in-node-js-with-swagger https://scotch.io/tutorials/authenticate-a-node-js-api-with-json-web-tokens#creating-a-sample-user在文章的最后,使用 JWT 重写 Swagger 教程是一项挑战。
我正在做这件事而陷入困境。
我的问题是 Server side(Express.js)无法获取我在 swagger web 界面上设置的 header 参数。
console.log(“req.headers:%j”,req.headers);输出以下日志。
req.headers : {"host":"localhost:10010","connection":"keep-alive","access-control-request-method":"POST","origin":"http://127.0.0.1:49729","user-agent":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.143 Safari/537.36","access-control-request-headers":"content-type, token","accept":"*/*","referer":"http://127.0.0.1:49729/","accept-encoding":"gzip, deflate, sdch","accept-language":"ja,en-US;q=0.8,en;q=0.6"}
没有“x-access-token”,对吗?
所以我和邮差测试了,我得到了这个日志。
req.headers : {"host":"localhost:10010","connection":"keep-alive","content-length":"0","cache-control":"no-cache","origin":"chrome-extension://fhbjgbiflinjbdggehcddcbncdddomop","x-access-token":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyIkX18iOnsic3RyaWN0TW9kZSI6dHJ1ZSwiZ2V0dGVycyI6e30sIndhc1BvcHVsYXRlZCI6ZmFsc2UsImFjdGl2ZVBhdGhzIjp7InBhdGhzIjp7Il9fdiI6ImluaXQiLCJwYXNzd29yZCI6ImluaXQiLCJlbWFpbCI6ImluaXQiLCJuYW1lIjoiaW5pdCIsIl9pZCI6ImluaXQifSwic3RhdGVzIjp7Imlnbm9yZSI6e30sImRlZmF1bHQiOnt9LCJpbml0Ijp7Il9fdiI6dHJ1ZSwicGFzc3dvcmQiOnRydWUsImVtYWlsIjp0cnVlLCJuYW1lIjp0cnVlLCJfaWQiOnRydWV9LCJtb2RpZnkiOnt9LCJyZXF1aXJlIjp7fX0sInN0YXRlTmFtZXMiOlsicmVxdWlyZSIsIm1vZGlmeSIsImluaXQiLCJkZWZhdWx0IiwiaWdub3JlIl19LCJlbWl0dGVyIjp7ImRvbWFpbiI6bnVsbCwiX2V2ZW50cyI6e30sIl9ldmVudHNDb3VudCI6MCwiX21heExpc3RlbmVycyI6MH19LCJpc05ldyI6ZmFsc2UsIl9kb2MiOnsiX192IjowLCJwYXNzd29yZCI6ImIiLCJlbWFpbCI6ImIiLCJuYW1lIjoiYiIsIl9pZCI6IjU3ZWUyY2I5NjcwZjI3MTMyMTc0MTNiNCJ9LCJfcHJlcyI6eyIkX19vcmlnaW5hbF9zYXZlIjpbbnVsbCxudWxsXSwiJF9fb3JpZ2luYWxfdmFsaWRhdGUiOltudWxsXSwiJF9fb3JpZ2luYWxfcmVtb3ZlIjpbbnVsbF19LCJfcG9zdHMiOnsiJF9fb3JpZ2luYWxfc2F2ZSI6W10sIiRfX29yaWdpbmFsX3ZhbGlkYXRlIjpbXSwiJF9fb3JpZ2luYWxfcmVtb3ZlIjpbXX0sImlhdCI6MTQ3NTIzMDAwNywiZXhwIjoxNDc1MjMxNDQ3fQ.C0LASrYkxaU7FA3EwP8W6NQ85IlLXjdTIKnofeW8YE8","user-agent":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.143 Safari/537.36","postman-token":"0f3c6b0e-1f63-28ac-2b55-f58bbc209d5c","accept":"*/*","accept-encoding":"gzip, deflate","accept-language":"ja,en-US;q=0.8,en;q=0.6"}
邮差可以做到。除此之外,我成功了 jwt.verify();
我想我在 Swagger 上错过了一些设置,但我无法弄明白,所以我想问一下建议。
这是我的 Swagger 代码。
swagger: "2.0"
...
consumes:
- application/json
# format of the responses to the client (Accepts)
produces:
- application/json
paths:
...
/movie:
# our controller name
x-swagger-router-controller: movie
...
post:
description: add a new movie to the list
operationId: save
parameters:
- name: x-access-token
in: header
description: token to be passed as a header
required: true
type: string
...
responses:
...
谢谢您的帮助。
2016 年 10 月 1 日
事实证明,保护 app.js 中的根的代码工作得很糟糕。我创建了路由中间件来保护路由。如果我将其关闭,我可以在 Swagger operationId 方法中获取 header 参数。显然,我应该考虑像https://www.npmjs.com/package/swagger-routes这样的 Swagger Route 模块。