According to documentation, https://github.com/auth0/node-jsonwebtoken#jwtverifytoken-secretorpublickey-options-callback, jwt.verify will returns decode payload, I run the simple script:
var token = jwt.sign({email: req.body.email,}, 's3cr3t');
var decoded = jwt.verify(token, 's3cr3t');
console.log(decoded)
but it only output like: { iat: 1470725598 }
I expect the output should be like {email: myemail@domain.com,}
Is there something I am missing ?
I was not able to mimic your problem until I set the property req.body.email to undefined.
Example:
var jwt = require('jsonwebtoken');
var token = jwt.sign({email: undefined}, 's3cr3t');
var decoded = jwt.verify(token, 's3cr3t');
With it been undefined, the output would look like this;
{ iat: 1470727340 }
and this matches exactly what you were having which cause me to suspect your main issue was just with the property req.body.email been undefined.
Assuming req.body.email is correctly set to "myemail@domain.com" then the output would be;
{ email: 'myemail@domain.com', iat: 1470727500 }
Just a side note here. You might want to consider wrapping the .verify method inside a try-catch clause, as shown in the documentation. This is useful for verifying and throwing error when a token is invalid.