I include the express, etc including:
var expressJwt = require('express-jwt'); //https://npmjs.org/package/express-jwt
var secret = 'this is the secret secret secret 12356';
var jwt = require('jsonwebtoken'); //https://npmjs.org/package/node-jsonwebtoken
then define my sequelize models and epilogue routes and place this here:
app.post('/authenticate', function (req, res) {
//TODO validate req.body.username and req.body.password
//if is invalid, return 401
if (!(req.body.username === 'john.doe' && req.body.password === 'foobar')) {
res.status(401).send('Wrong user or password');
return;
}
var profile = {
first_name: 'John',
last_name: 'Doe',
email: 'john@doe.com',
id: 123
};
// We are sending the profile inside the token
var token = jwt.sign(profile, secret, { expiresInMinutes: 60*5 });
res.json({ token: token });
});
When I enter john.doe and foobar in a form, I get told by console that jwt.sign is not a function, even after an npm install.
jsonwebtoken is used only to validate/decode jwts on express.js requests.
If you need to sign requests you need to use node-jsonwebtoken:
https://github.com/auth0/node-jsonwebtoken
GH issue:
https://github.com/auth0/express-jwt/issues/48
here's a nice blogpost about what you are trying to do: