我正在使用 @nuxtjs/auth-next 模块通过 Express 服务器进行 JWT 身份验证。
身份验证配置 (nuxt.config.js)
auth: {
localStorage: false,
strategies: {
local: {
token: {
property: 'token',
global: true,
required: true,
type: 'Bearer',
},
user: {
property: 'user',
autoFetch: true,
},
endpoints: {
login: { url: '/api/auth/login', method: 'post' },
logout: { url: '/api/auth/logout', method: 'post' },
user: { url: '/api/auth/user', method: 'get' },
},
},
},
cookie: {
prefix: 'premium.',
options: {
secure: true,
},
},
redirect: {
login: '/',
logout: '/',
callback: '/',
home: '/dashboard',
},
},
登录工作非常好,可以浏览其他路线,但是一旦刷新站点,用户就会被注销。cookie 仍然设置并且令牌有效(使用 Postman 测试)。我还测试了路线。
Nginx 配置
server {
# SSL configuration
listen 443 ssl http2;
listen [::]:443 ssl http2;
# ... I left out ssl certs
server_name mydomain.com;
gzip on;
gzip_types text/plain application/xml text/css application/javascript;
gzip_min_length 1000;
# The Nuxt app
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
proxy_read_timeout 1m;
proxy_connect_timeout 1m;
proxy_pass http://127.0.0.1:8000;
proxy_redirect off;
}
# The express server on same domain
location ~ /api/* {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_read_timeout 1m;
proxy_connect_timeout 1m;
rewrite ^/api/(.*) /$1 break;
proxy_pass http://127.0.0.1:1337;
proxy_redirect off;
}
}