当用户对象有太多项目时

当用户对象有太多项目时

本文介绍了下一个认证 |当用户对象有太多项目时,会话请求没有数据的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我会尽力为我解释我的问题.

I will try to explain my problem as best as possible for me.

我使用 Strapi 作为后端,使用 Nextjs 作为前端.

I'm using Strapi as a backend and Nextjs as a frontend.

我使用 NextAuth 进行身份验证.

For the authentication I using NextAuth.

[...nextauth].js:

const options = {
  providers: [
    Providers.Credentials({
      name: 'Credentials',
      credentials: {
        username: { label: "Email", type: "email", placeholder: "jsmith" },
        password: { label: "Password", type: "password" }
      },
      authorize: async (credentials) => {
        try {
          const user = await axios.post(`${process.env.NEXT_PUBLIC_API_URL}/auth/local`, {
            identifier: credentials.username,
            password: credentials.password,
          });
          if (user.data) {
            return user.data
          } else {
            return null
          }
        } catch (error) {
          const errorMessage = error.response.data.message[0].messages[0].message
          throw new Error(errorMessage)
        }
      }
    }),
  ],
  database: process.env.NEXT_PUBLIC_DATABASE_URL,
  session: {
    jwt: true,
  },
  callbacks: {
    jwt: async (token, user) => {
      if (user) {
        token.jwt = user.jwt;
        token.user = user.user;
      }
      return Promise.resolve(token);
    },
    session: async (session, token) => {
      session.jwt = token.jwt;
      session.user = token.user;
      return Promise.resolve(session);
    },
  },
  pages: {
    signIn: '/login',
    error: '/login'
  },
};

const Auth = (req, res) =>
  NextAuth(req, res, options);

export default Auth;

当我发送带有标识符和密码的表单时,我会收到带有用户数据和 jwt 的会话响应.

When I send form with identifier and password I getting session response with user data and jwt.

一切正常,但如果用户对象分配给他的对象很少,那么就会出现问题并且会话为空.

Everything working well, but if user objects have few more objects assigned to him, then something goes wrong and the session is empty.

示例:我在 Strapi 中创建了一个简单的集合,只有两个字段 - 图像字段和所有者(与用户的关系).每个响应都包含几行图片内容:

Example:I creating in Strapi simple collection with just two fields - image field, and owner (relation to user). Every response with image contents few lines:

"photo": {
            "_id": "60ca03fa20bd43033a53950e",
            "name": "Zrzut ekranu 2021-06-16 o 14.59.48.png",
            "alternativeText": "",
            "caption": "",
            "hash": "Zrzut_ekranu_2021_06_16_o_14_59_48_2bc223567b",
            "ext": ".png",
            "mime": "image/png",
            "size": 170.69,
            "width": 668,
            "height": 636,
            "url": "/uploads/Zrzut_ekranu_2021_06_16_o_14_59_48_2bc223567b.png",
            "formats": {
                "thumbnail": {
                    "name": "thumbnail_Zrzut ekranu 2021-06-16 o 14.59.48.png",
                    "hash": "thumbnail_Zrzut_ekranu_2021_06_16_o_14_59_48_2bc223567b",
                    "ext": ".png",
                    "mime": "image/png",
                    "width": 164,
                    "height": 156,
                    "size": 14.92,
                    "path": null,
                    "url": "/uploads/thumbnail_Zrzut_ekranu_2021_06_16_o_14_59_48_2bc223567b.png"
                },
                "small": {
                    "name": "small_Zrzut ekranu 2021-06-16 o 14.59.48.png",
                    "hash": "small_Zrzut_ekranu_2021_06_16_o_14_59_48_2bc223567b",
                    "ext": ".png",
                    "mime": "image/png",
                    "width": 500,
                    "height": 476,
                    "size": 121.79,
                    "path": null,
                    "url": "/uploads/small_Zrzut_ekranu_2021_06_16_o_14_59_48_2bc223567b.png"
                }
            },

当我添加 1 或 2 个带有图像的项目并尝试登录拥有该项目的用户时,一切都很好,我可以登录并接收完整的用户对象和 jwt 令牌.

When I add 1 or 2 items with image and try to login to user who own that items then everything is fine, I can log in and receive full user object and jwt token.

但是当我在那里添加 3 个项目时,会话对象为空,我无法登录.我没有收到用户对象和 jwt 令牌.

But when I add 3 items there, session object is empty, and I can't log in. I do not receiving user object and jwt token.

有 3 个项目有2个项目

当我使用邮递员时,即使有 50 项响应也很好,并且包括完整的用户对象和 jwt 令牌.

When I using postman, even with 50 items response is good and include full user object and jwt token.

我认为是因为响应太大或类似的东西,但我不知道如何处理它.

I think is because response is too large or something like that, but I have no clue how to deal with it.

我在 MacOS 上使用本地主机(前端和后端).

I working on localhost (both - frontend and backend) on MacOS.

有没有人可以帮我找到解决这个问题的方法?

Is there anyone who can help me find a solution for that problem?

亲切的问候,全科医生

推荐答案

出现上述问题的原因是api中的response传给了很多数据,next-auth把所有的数据都存入了JWT,而JWT是全存的在 cookie 中,cookie 被限制为 4096 字节,这只会破坏该限制和响应.

The reason of above issue is that in api response is passed to many data, and next-auth store that all data in JWT, and JWT is stored in full in cookie, cookie is limited to 4096 bytes, and that simply brake that limit and response.

最简单的整理方法是在 JWT 中只保存最重要的数据.

The simplest way to sort it out is to save only most important data in JWT.

你可以在回调函数中做到这一点.

You can do that in callback function.

这篇关于下一个认证 |当用户对象有太多项目时,会话请求没有数据的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

07-30 18:13