How to send/extract JWT token in nodejs with passport-jwt?
I've tried to check if they're online examples of how to use JWT extractors to get the token from the request but I failed to understand how to send the token with the request after the user logins.
When I use Postman, there's a tab called Authorization where I can choose the type Bearer Token which enabled me to add the token with the Authorization and the request http://localhost:5000/profile went successfully.
However, the browser stills showing me only Unauthorized when I try to access the profile http://localhost:5000/profile after successful login.
POSTMAN SCREEN-SHOT:
BROWSER SCREEN-SHOT:
I've followed the passpot-jwt documentation configuration:
passport.use(
new JWTStrategy(
{
jwtFromRequest: ExtractJWT.fromAuthHeaderAsBearerToken(),
secretOrKey: "mysecret",
},
function (jwtPayload, done) {
return User.findOne({ username: jwtPayload.username })
.then((user) => {
return done(null, user);
})
.catch((err) => {
return done(err);
});
}
)
);
And my login route looks like :
Router.post("/", (req, res, next) => {
passport.authenticate("local", { session: false }, (err, user, info) => {
if (err) return next(err);
if (!user) {
return res.redirect("/login?info=" + info);
}
req.logIn(user, { session: false }, (err) => {
if (err) return next(err);
const token = jwt.sign({ username: user.username }, "mysecret");
res.json({ user, token: `Bearer ${token}` });
});
})(req, res, next);
});
The issue is:
I was trying to access the profile without adding the Authorization in the header from the server itself. The Authorization contains the generated token.
With Postman I was able to do that with the UI as explained above. However, in the code, I needed to create a middleware before accessing the profile route.
app.use(
"/profile",
(req, res, next) => {
req.headers.authorization = `Bearer ` + req.cookies["authentication-token"];
next();
},
profileRouter
);
- Node.js recursive calls with q framework for multiple GET requests
- How to Decode and Verify OCSP Response in TypeScript with pkijs for Certificate Validation
- Firebase and Node.js application results in the requested URL was not found on this server for the firebase serve command
- Can I determine if a string is a MongoDB ObjectID?
- Husky add command is deprecated?
- Solidity compiler error loading specific function
- error could not determine Node.js install directory
- How can I sort an array?
- Make a link from Electron open in browser
- Prisma query engine not found on mac M1
- response.clearCookie() followed by response.cookie() leads to 2 same-name cookies
- Cannot read properties of undefined (reading 'statusCode') Nodejs using cheerio
- WebSocket connection to wss failed in production only(front end and back end on different domains)
- Puppeteer cant listen all request from paribu.com
- Disable deprecation in javascript console
- messaging.sendMulticast is not a function
- Node.js fs.readdir recursive directory search
- How to specify local registry in yarn?
- Handle Cors from lambda to cloudfront or s3
- Where can i see in amplify app the console log
- generate *.story.ts automatially when generating Angular component by cli
- Node.js native addons: where is node_api.h located?
- Errors building supergraph with Docker, Node.js, and Apollo's rover
- Postman POST call works Angular doesn't
- How to change console.log() output in VSCode?
- nodejs server create file name 4000, when server started
- Uncaught TypeError: PouchDB is not a constructor
- The difference between "require(x)" and "import x"
- Uncaught Error: Invariant Violation: Element type is invalid: expected a string (for built-in components) or a class/function but got: object
- "npm run dev" Command Doesn't Work - Giving "missing script: dev" error