我正在使用feathers.js我的应用程序。在我的应用程序中,我使用不同的策略。对于所有这些策略,实体是user。但我也想local对内部运营商使用策略。全局实体设置为,user但对于local我以我的名称注册的策略,我operator将实体设置为operator(我的 Postgres 数据库中有user表operator)。这是我的config/default.js:
}
...
authentication: {
secret: "JWT_SECRET",
entity: "user",
service: "user",
phone: {
entity: "user",
service: "user"
},
jwt: {},
operator: {
entity: "operator",
service: "operator",
usernameField: "email",
passwordField: "password"
},
authStrategies: ["jwt", "phone, "operator"],
...
}
这是我的authentication.ts文件(我省略了一些 brewety 的代码):
export default function(app: Application): void {
authentication.register("phone", new PhoneStrategy());
authentication.register("jwt", new JwtStrategy());
authentication.register("operator", new OperatorStrategy());
app.use("/authentication", authentication);
app.configure(expressOauth());
}
class OperatorStrategy extends LocalStrategy {
async authenticate(data: any, params: Params) {
const operator = await this.app?.service("operator").find({
query: {
email: data.email,
$limit: 1
}
});
if (operator) {
const encryptedPass = getHash(data.password, operator.id);
if (operator.password === encryptedPass) {
const { email, password, ...restOfOperator } = operator;
return restOfOperator;
}
} else {
throw new NotAuthenticated();
}
}
}
我有operator这个服务的调用和钩子。
const isAuthorized = async (
context: HookContext
): Promise<HookContext> => {
console.log("User: ", context.params.user)
}
return context;
}
export default {
before: {
all: [],
find: [authenticate("operator"), isAuthorized],
get: [],
create: [],
update: [],
patch: [],
remove: []
},
...
}
所以你可以在上面看到我authenticate("operator")之前打电话find(),然后我打算打电话isAuthorized做一些检查。但是,context.params.user返回undefined.
看起来由于某种原因,身份验证服务在构建 JWT 时使用了全局实体和服务变量。
我的配置中是否缺少使身份验证服务使用operator实体的内容?或者换句话说,有没有办法将operatorservice 用于local策略而不是 global user?