我一直在用nestjs 开发一个微服务应用程序。我使用 Auth0 作为我的身份验证 * RBAC 提供程序,尽管这些细节与这个问题无关。
为了争论,假设我有 2 个服务,一个users服务和一个accounts服务。假设我的身份验证发生在users服务中,但是这两个服务都需要利用如下的身份验证保护。
import { AuthGuard } from '@nestjs/passport';
...
@UseGuards(AuthGuard('jwt'))
@Get()
findAll() {
return this.userService.findAll();
}
如果我在我正在使用的服务中完成所有护照配置,它就可以工作。这是完整的配置。
auth.module.ts
import { Module } from '@nestjs/common';
import { PassportModule } from '@nestjs/passport';
import { JwtStrategy } from './jwt.strategy';
@Module({
imports: [PassportModule.register({ defaultStrategy: 'jwt' })],
providers: [JwtStrategy],
exports: [PassportModule],
})
export class AuthModule {}
jwt.strategy.ts
import { Injectable } from '@nestjs/common';
import { PassportStrategy } from '@nestjs/passport';
import { ExtractJwt, Strategy } from 'passport-jwt';
import { passportJwtSecret } from 'jwks-rsa';
@Injectable()
export class JwtStrategy extends PassportStrategy(Strategy) {
constructor() {
super({
secretOrKeyProvider: passportJwtSecret({
cache: true,
rateLimit: true,
jwksRequestsPerMinute: 5,
jwksUri: `{AUTH0_ISSUER_URL}/.well-known/jwks.json`,
}),
jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
audience: {AUTH0_AUDIENCE},
issuer: {AUTH0_ISSUER_URL},
algorithms: ['RS256'],
});
}
validate(payload: unknown): unknown {
console.log('payload: ', payload);
return payload;
}
}
app.module.ts
import { Module } from '@nestjs/common';
import { AuthModule } from './auth/auth.module';
import { UserModule } from './users/users.module';
...
@Module({
imports: [
AuthModule,
UserModule,
],
controllers: [...],
providers: [...],
})
export class AppModule {}
同样,这一切正常,如果在尝试访问端点时未登录,我会得到 401。但是,当我将auth.module.tsandjwt.strategy.ts拉出到 npm 模块中并以完全相同的方式包含它时......我得到一个 500 并出现以下错误。
[Nest] 30616 - 06/08/2021, 11:07:03 AM [ExceptionsHandler] Unknown authentication strategy "jwt" +2291212ms
Error: Unknown authentication strategy "jwt"
at attempt (/Users/me/projects/svc-users/node_modules/passport/lib/middleware/authenticate.js:190:39)
at authenticate (/Users/me/projects/svc-users/node_modules/passport/lib/middleware/authenticate.js:367:7)
at /Users/me/projects/svc-users/node_modules/@nestjs/passport/dist/auth.guard.js:87:3
at new Promise (<anonymous>)
at /Users/me/projects/svc-users/node_modules/@nestjs/passport/dist/auth.guard.js:79:83
at MixinAuthGuard.<anonymous> (/Users/me/projects/svc-users/node_modules/@nestjs/passport/dist/auth.guard.js:48:36)
at Generator.next (<anonymous>)
at /Users/me/projects/svc-users/node_modules/@nestjs/passport/dist/auth.guard.js:20:71
at new Promise (<anonymous>)
at __awaiter (/Users/me/projects/svc-users/node_modules/@nestjs/passport/dist/auth.guard.js:16:12)
这是我package.json的私有 npm 模块...
{
"name": "@my-project/auth",
"version": "1.0.0",
"description": "NestJS npm package starter",
"author": "John Biundo <johnfbiundo@gmail.com>",
"license": "MIT",
"readmeFilename": "README.md",
"main": "dist/index.js",
"files": [
"dist/**/*",
"*.md"
],
"scripts": {
"start:dev": "tsc -w",
"build": "tsc",
...
},
"keywords": [
"nestjs"
],
"publishConfig": {
"access": "public"
},
"repository": {
"type": "git",
"url": "https://github.com/nestjsplus/nestjs-package-starter"
},
"bugs": "https://github.com/nestjsplus/nestjs-package-starter",
"peerDependencies": {
"@nestjs/common": "^7.0.0"
},
"dependencies": {
"@nestjs/passport": "^7.1.5",
"auth0": "^2.35.0",
"jwks-rsa": "^2.0.3",
"passport": "^0.4.1",
"passport-jwt": "^4.0.0"
},
"devDependencies": {
"@nestjs/common": "^7.6.15",
"@nestjs/config": "^0.6.3",
"@nestjs/core": "^7.6.15",
"@nestjs/platform-express": "^7.6.15",
"@nestjs/testing": "^7.6.15",
"@types/express": "^4.17.11",
"@types/jest": "^26.0.22",
"@types/node": "^14.14.36",
"@types/supertest": "^2.0.10",
"@typescript-eslint/eslint-plugin": "^4.19.0",
"@typescript-eslint/parser": "^4.19.0",
"eslint": "^7.22.0",
"eslint-config-prettier": "^8.1.0",
"eslint-plugin-prettier": "^3.3.1",
"jest": "^26.6.3",
"prettier": "^2.2.1",
"reflect-metadata": "^0.1.13",
"rxjs": "^7.0.1",
"supertest": "^6.1.3",
"ts-jest": "^26.5.4",
"ts-loader": "^8.0.18",
"ts-node": "^9.1.1",
"tsc-watch": "2.2.1",
"tsconfig-paths": "^3.9.0",
"tslint": "5.16.0",
"typescript": "^4.2.3"
},
"jest": {
"moduleFileExtensions": [
"js",
"json",
"ts"
],
"rootDir": "src",
"testRegex": ".*\\.spec\\.ts$",
"transform": {
"^.+\\.(t|j)s$": "ts-jest"
},
"collectCoverageFrom": [
"**/*.(t|j)s"
],
"coverageDirectory": "../coverage",
"testEnvironment": "node"
}
}
...最后在这里我将它保存为依赖项,以供本地使用到我的users服务中。
"dependencies": {
"@my-thing/auth": "../pkg-auth",
...
}
任何帮助将不胜感激,看来我只是缺少一些小东西。提前致谢。