我创造了/sign-in
端点基本上返回带有 2 个令牌的对象 - 刷新令牌和访问令牌。
@Post('/sign-in')
signIn(@Body() signInUserDto: SignInUserDto): Promise<TokensDto> {
return this.userService.signIn(signInUserDto);
}
我想做的是正常发送访问令牌JSON
,但是将访问令牌作为 cookie 发送,所以我稍微改变了这个函数,使它看起来像这样。
@Post('/sign-in')
async signIn(
@Request() req: ExpressRequest,
@Response() res: ExpressResponse
): Promise<ExpressResponse<any, Record<string, any>>> {
const { _at, _rt } = await this.userService.signIn(req.body);
res.cookie('_rt', _rt, {
httpOnly: true,
sameSite: 'strict',
maxAge: 7 * 24 * 60 * 60 * 1000
});
return res.status(200).json({ _at });
}
结果,我得到了访问令牌作为响应,但我没有得到 cookie 中的刷新令牌。我马上就能看出,在前端我有withCredentials: true
在 axios 中。另外,当我使用邮递员向此端点发送请求时,我得到 cookie,但不是在前端。为什么会发生这种情况以及如何让它设置 cookie?
PS.
在服务器终端中,无论我如何从前端或邮递员发送请求,我都会收到此警告:
Error [ERR_INTERNAL_ASSERTION]: This is caused by either a bug in Node.js or incorrect usage of Node.js internals.
Please open an issue with this stack trace at https://github.com/nodejs/node/issues
at assert (internal/assert.js:14:11)
at ServerResponse.detachSocket (_http_server.js:223:3)
at resOnFinish (_http_server.js:685:7)
at ServerResponse.emit (events.js:314:20)
at onFinish (_http_outgoing.js:735:10)
at onCorkedFinish (_stream_writable.js:673:5)
at afterWrite (_stream_writable.js:490:5)
at afterWriteTick (_stream_writable.js:477:10)
at processTicksAndRejections (internal/process/task_queues.js:83:21)