GET http://localhost:5000/booksIdea/show 403 (Forbidden)
我检查了网站https://jwt.io/中的令牌,但我的签名无效,因此我想为什么会出现此问题,但我忽略了解决方法 我搜索了此错误,这就是我发现的结果:服务器收到403响应,告诉您:“对不起。我知道您是谁-我相信您说的是谁-但您只是没有访问此资源的权限。如果您很好地询问系统管理员,您可能会获得许可。但是请不要再困扰我,直到您的困境改变为止。”
前端的API GET功能:
import axios from 'axios'
export const ShowBooks = () => {
let token = localStorage.getItem("usertoken")
return axios.get("http://localhost:5000/booksIdea/show",{
headers: {
Authorization: `Bearer ${token}`,//here remove + in template litereal
},})
.then(res => {
console.log("Success")
})
.catch(error => {
console.log(error)
})
}
后端app.js
const express = require('express')
var cookieParser = require('cookie-parser')
const app = express()
var cors = require('cors')
var bodyParser = require('body-parser')
const port = 5000
const routes = require("./routes");
const con = require('./db')
var cors = require('cors')
app.use(cors())
// database connect
con.connect(function(err) {
if (err) throw err;
console.log("Connected!");
});
//cookie
app.use(cookieParser())
//routes
// support parsing of application/json type post data
app.use(bodyParser.json());
//support parsing of application/x-www-form-urlencoded post data
app.use(bodyParser.urlencoded({ extended: true }));
app.use("/",routes);
app.listen(port,() => console.log(`Example app listening on port ${port}!`))
这是路线
var express = require('express')
var router = express.Router()
var Controller = require('./controller')
var authController = require('./authController')
var BooksIdeaController = require('./BooksIdeaController')
router.post('/register',Controller.register);
router.post('/login',authController.login);
router.post('/booksIdea/:id',authController.verify,BooksIdeaController.addComment)
router.post('/booksIdea/addbook',BooksIdeaController.addBookIdea)
router.get('/booksIdea/show',BooksIdeaController.showBookIdea)
router.put('/booksIdea/edit/:id',BooksIdeaController.UpdateBookIdea)
router.delete('/booksIdea/delete/:id',BooksIdeaController.DeleteBookIdea)
module.exports = router;
authController
const con = require('./db');
var bcrypt = require('bcrypt');
let jwt = require('jsonwebtoken');
const express = require('express')
var cookieParser = require('cookie-parser')
const app = express()
module.exports.login=function(req,res){
var username=req.body.name;
var password=req.body.password;
con.query('SELECT * FROM users WHERE username = ?',[username],function (error,results,fields) {
if (error) {
res.json({
status:false,message:'there are some error with query'
})
}else{
if(results.length >0){
bcrypt.compare(password,results[0].password,function (err,result) {
if (result == true) {
jwt.sign({user:results},'configSecret',(err,token)=>{
res.json({
token:token
})
});
// res.json({
// status:true,// message:'successfully authenticated'
// })
} else {
res.json({
status:false,message:"username and password does not match"
});
}
});
}
else{
res.json({
status:false,message:"username does not exits"
});
}
}
});
}
module.exports.home=function(req,res){
res.send('hello');
}
//////
// if(password==results[0].password){
// }else{
//
// }
module.exports.verify = function verifyToken(req,res,next) {
// Get auth header value
const bearerHeader = req.headers['authorization'];
// Check if bearer is undefined
if(typeof bearerHeader !== 'undefined') {
// Split at the space
const bearer = bearerHeader.split(' ');
// Get token from array
const bearerToken = bearer[1];
// Set the token
req.token = bearerToken;
// Next middleware
next();
} else {
// Forbidden
res.sendStatus(403);
}
}
如何解决此错误?预先感谢您的帮助