{"id":49858,"date":"2024-10-08T08:05:13","date_gmt":"2024-10-08T00:05:13","guid":{"rendered":"https:\/\/server.hk\/cnblog\/49858\/"},"modified":"2024-10-08T08:05:13","modified_gmt":"2024-10-08T00:05:13","slug":"nginx-%e6%8a%80%e5%b7%a7%ef%bc%9a%e4%bd%bf%e7%94%a8-auth_jwt-%e6%a8%a1%e5%a1%8a%e9%80%b2%e8%a1%8c-jwt-%e8%aa%8d%e8%ad%89","status":"publish","type":"post","link":"https:\/\/server.hk\/cnblog\/49858\/","title":{"rendered":"Nginx \u6280\u5de7\uff1a\u4f7f\u7528 auth_jwt \u6a21\u584a\u9032\u884c JWT \u8a8d\u8b49"},"content":{"rendered":"

Nginx \u6280\u5de7\uff1a\u4f7f\u7528 auth_jwt \u6a21\u584a\u9032\u884c JWT \u8a8d\u8b49<\/h1>\n

\u5728\u7576\u4eca\u7684\u7db2\u7d61\u74b0\u5883\u4e2d\uff0c\u5b89\u5168\u6027\u662f\u6bcf\u500b\u61c9\u7528\u7a0b\u5e8f\u548c\u7db2\u7ad9\u7684\u9996\u8981\u8003\u91cf\u3002\u96a8\u8457 API \u7684\u666e\u53ca\uff0cJSON Web Token\uff08JWT\uff09\u6210\u70ba\u4e86\u4e00\u7a2e\u6d41\u884c\u7684\u8eab\u4efd\u9a57\u8b49\u548c\u6388\u6b0a\u6a5f\u5236\u3002Nginx \u4f5c\u70ba\u4e00\u500b\u9ad8\u6548\u7684\u7db2\u9801\u4f3a\u670d\u5668\uff0c\u63d0\u4f9b\u4e86\u591a\u7a2e\u6a21\u584a\u4f86\u652f\u6301 JWT \u8a8d\u8b49\uff0c\u5176\u4e2d auth_jwt<\/code> \u6a21\u584a\u662f\u6700\u5e38\u7528\u7684\u9078\u64c7\u4e4b\u4e00\u3002<\/p>\n

\u4ec0\u9ebc\u662f JWT\uff1f<\/h2>\n

JWT \u662f\u4e00\u7a2e\u958b\u653e\u6a19\u6e96\uff08RFC 7519\uff09\uff0c\u7528\u65bc\u5728\u5404\u65b9\u4e4b\u9593\u5b89\u5168\u5730\u50b3\u905e\u4fe1\u606f\u3002\u5b83\u7531\u4e09\u90e8\u5206\u7d44\u6210\uff1a\u6a19\u982d\uff08Header\uff09\u3001\u6709\u6548\u8f09\u8377\uff08Payload\uff09\u548c\u7c3d\u540d\uff08Signature\uff09\u3002\u9019\u4e09\u90e8\u5206\u901a\u904e\u9ede\uff08.\uff09\u9023\u63a5\u5728\u4e00\u8d77\uff0c\u5f62\u6210\u4e00\u500b\u5b57\u7b26\u4e32\u3002JWT \u7684\u4e3b\u8981\u512a\u52e2\u5728\u65bc\u5b83\u7684\u81ea\u5305\u542b\u6027\uff0c\u9019\u610f\u5473\u8457\u5b83\u53ef\u4ee5\u651c\u5e36\u7528\u6236\u7684\u8eab\u4efd\u4fe1\u606f\u548c\u6b0a\u9650\uff0c\u4e26\u4e14\u53ef\u4ee5\u88ab\u9a57\u8b49\u3002<\/p>\n

Nginx \u7684 auth_jwt \u6a21\u584a<\/h2>\n

Nginx \u7684 auth_jwt<\/code> \u6a21\u584a\u5141\u8a31\u7528\u6236\u5728\u8acb\u6c42\u4e2d\u4f7f\u7528 JWT \u9032\u884c\u8eab\u4efd\u9a57\u8b49\u3002\u9019\u500b\u6a21\u584a\u53ef\u4ee5\u5e6b\u52a9\u958b\u767c\u8005\u8f15\u9b06\u5730\u4fdd\u8b77 API \u548c\u5176\u4ed6\u8cc7\u6e90\uff0c\u78ba\u4fdd\u53ea\u6709\u7d93\u904e\u8eab\u4efd\u9a57\u8b49\u7684\u7528\u6236\u624d\u80fd\u8a2a\u554f\u3002<\/p>\n

\u5b89\u88dd Nginx \u548c auth_jwt \u6a21\u584a<\/h3>\n

\u9996\u5148\uff0c\u60a8\u9700\u8981\u78ba\u4fdd Nginx \u5df2\u7d93\u5b89\u88dd\u4e26\u652f\u6301 auth_jwt<\/code> \u6a21\u584a\u3002\u60a8\u53ef\u4ee5\u901a\u904e\u4ee5\u4e0b\u547d\u4ee4\u6aa2\u67e5 Nginx \u7684\u7248\u672c\u548c\u6a21\u584a\uff1a<\/p>\n

nginx -V<\/code><\/pre>\n
\u5982\u679c\u60a8\u7684 Nginx \u6c92\u6709\u5305\u542b auth_jwt<\/code> \u6a21\u584a\uff0c\u60a8\u53ef\u80fd\u9700\u8981\u91cd\u65b0\u7de8\u8b6f Nginx\uff0c\u6216\u8005\u4f7f\u7528\u652f\u6301\u8a72\u6a21\u584a\u7684\u9810\u7de8\u8b6f\u7248\u672c\u3002<\/p>\n
\u914d\u7f6e Nginx \u4f7f\u7528 auth_jwt \u6a21\u584a<\/h3>\n
\u4ee5\u4e0b\u662f\u4e00\u500b\u57fa\u672c\u7684 Nginx \u914d\u7f6e\u793a\u4f8b\uff0c\u5c55\u793a\u5982\u4f55\u4f7f\u7528 auth_jwt<\/code> \u6a21\u584a\u9032\u884c JWT \u8a8d\u8b49\uff1a<\/p>\n
server {\n    listen 80;\n    server_name example.com;\n\n    location \/api {\n        auth_jwt \"Protected API\";\n        auth_jwt_key \"your_jwt_secret_key\";\n\n        proxy_pass http:\/\/backend;\n    }\n}<\/code><\/pre>\n
\u5728\u9019\u500b\u914d\u7f6e\u4e2d\uff0cauth_jwt<\/code> \u6307\u4ee4\u555f\u7528\u4e86 JWT \u8a8d\u8b49\uff0c\u4e26\u4e14 auth_jwt_key<\/code> \u6307\u4ee4\u6307\u5b9a\u4e86\u7528\u65bc\u9a57\u8b49 JWT \u7684\u5bc6\u9470\u3002\u8acb\u6839\u64da\u60a8\u7684\u5be6\u969b\u60c5\u6cc1\u66ff\u63db your_jwt_secret_key<\/code>\u3002<\/p>\n
\u751f\u6210\u548c\u9a57\u8b49 JWT<\/h3>\n
\u751f\u6210 JWT \u901a\u5e38\u5728\u7528\u6236\u767b\u9304\u6642\u9032\u884c\u3002\u4ee5\u4e0b\u662f\u4e00\u500b\u4f7f\u7528 Node.js \u7684\u793a\u4f8b\uff0c\u5c55\u793a\u5982\u4f55\u751f\u6210 JWT\uff1a<\/p>\n
const jwt = require('jsonwebtoken');\n\nconst user = { id: 1, username: 'user1' };\nconst token = jwt.sign(user, 'your_jwt_secret_key', { expiresIn: '1h' });\n\nconsole.log(token);<\/code><\/pre>\n
\u5728\u9019\u500b\u793a\u4f8b\u4e2d\uff0c\u6211\u5011\u4f7f\u7528 jsonwebtoken<\/code> \u5eab\u751f\u6210\u4e86\u4e00\u500b JWT\uff0c\u4e26\u8a2d\u7f6e\u4e86\u904e\u671f\u6642\u9593\u70ba\u4e00\u5c0f\u6642\u3002\u7528\u6236\u5728\u767b\u9304\u5f8c\u6703\u6536\u5230\u9019\u500b token\uff0c\u4e26\u5728\u5f8c\u7e8c\u7684 API \u8acb\u6c42\u4e2d\u5c07\u5176\u4f5c\u70ba Authorization \u6a19\u982d\u7684\u4e00\u90e8\u5206\u767c\u9001\u3002<\/p>\n
Authorization: Bearer your_jwt_token<\/code><\/pre>\n
\u7e3d\u7d50<\/h2>\n
\u4f7f\u7528 Nginx \u7684 auth_jwt<\/code> \u6a21\u584a\u9032\u884c JWT \u8a8d\u8b49\u662f\u4e00\u7a2e\u6709\u6548\u7684\u4fdd\u8b77 API \u548c\u8cc7\u6e90\u7684\u65b9\u5f0f\u3002\u901a\u904e\u7c21\u55ae\u7684\u914d\u7f6e\uff0c\u60a8\u53ef\u4ee5\u78ba\u4fdd\u53ea\u6709\u7d93\u904e\u8eab\u4efd\u9a57\u8b49\u7684\u7528\u6236\u624d\u80fd\u8a2a\u554f\u60a8\u7684\u61c9\u7528\u7a0b\u5e8f\u3002\u96a8\u8457\u7db2\u7d61\u5b89\u5168\u9700\u6c42\u7684\u589e\u52a0\uff0c\u638c\u63e1\u9019\u4e9b\u6280\u8853\u5c07\u5c0d\u958b\u767c\u8005\u548c\u7cfb\u7d71\u7ba1\u7406\u54e1\u81f3\u95dc\u91cd\u8981\u3002<\/p>\n
\u5982\u679c\u60a8\u6b63\u5728\u5c0b\u627e\u53ef\u9760\u7684 \u9999\u6e2f VPS<\/a> \u89e3\u6c7a\u65b9\u6848\uff0cServer.HK \u63d0\u4f9b\u591a\u7a2e\u9078\u64c7\uff0c\u5e6b\u52a9\u60a8\u8f15\u9b06\u90e8\u7f72\u548c\u7ba1\u7406\u60a8\u7684\u61c9\u7528\u7a0b\u5e8f\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"
\u63a2\u7d22 Nginx \u7684 auth_jwt \u6a21\u584a\uff0c\u5b78\u7fd2\u5982\u4f55\u5be6\u73fe\u9ad8\u6548\u7684 JWT \u8a8d\u8b49\uff0c\u589e\u5f37\u61c9\u7528\u5b89\u5168\u6027\u8207\u6027\u80fd\u3002<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4924],"tags":[],"class_list":["post-49858","post","type-post","status-publish","format-standard","hentry","category-setup-tutorials"],"_links":{"self":[{"href":"https:\/\/server.hk\/cnblog\/wp-json\/wp\/v2\/posts\/49858","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/server.hk\/cnblog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/server.hk\/cnblog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/server.hk\/cnblog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/server.hk\/cnblog\/wp-json\/wp\/v2\/comments?post=49858"}],"version-history":[{"count":1,"href":"https:\/\/server.hk\/cnblog\/wp-json\/wp\/v2\/posts\/49858\/revisions"}],"predecessor-version":[{"id":49859,"href":"https:\/\/server.hk\/cnblog\/wp-json\/wp\/v2\/posts\/49858\/revisions\/49859"}],"wp:attachment":[{"href":"https:\/\/server.hk\/cnblog\/wp-json\/wp\/v2\/media?parent=49858"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/server.hk\/cnblog\/wp-json\/wp\/v2\/categories?post=49858"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/server.hk\/cnblog\/wp-json\/wp\/v2\/tags?post=49858"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}