UnauthorizedError: No authorization token was found
In our backend routes/index.js, we have
var auth = jwt({ secret: process.env.JWT_SECRET_KEY, userProperty: 'payload' });
... ...
router.get('/ask', auth, function (req, res, next) {
... ...
}
I tried to test the /ask api from the frontend to backend in localhost. Here is a part of the code in the frontend:
async handleButtonClicked() {
cost data: any = {}
const token = await getSignToken();
console.log(token);
const headers = { Authorization: 'Bearer ' + token };
await axios.get("https://localhost:3000/ask", data, { headers, withCredentials: true });
}
I then signed in the frontend webpage in localhost, then launched the above function. I did see the token printed in the console of dev tools of the frontend. And in the console of the backend, it showed that the api was called. But it raised an error UnauthorizedError: No authorization token was found.
Could anyone tell me what might be the reason? How could I debug?
Additionally, I have a doubt about the value of process.env.JWT_SECRET_KEY. I see somewhere in our code it is just JWT_SECRET_KEY, somewhere in the production its a encrypted complex string. I would like to know if this secret is important (or maybe the reason of UnauthorizedError: No authorization token was found?). Should we always have the same secret in localhost and production?
PS: I cannot find Authorization in the headers of the /ask request from the frontend.
await axios.get("https://localhost:3000/ask", data, { headers, withCredentials: true });
should be
await axios.post("https://localhost:3000/ask", data, { headers, withCredentials: true });
- How to securely manage JWT, user role, and login status in localStorage?
- Spring OAuth2AuthorizationService implementations persist JWT access tokens
- How to implement authentication & authorization between microservices & API Gateway using Laravel
- JWT signature does not match locally computed signature. JWT validity cannot be asserted and should not be trusted
- Nest.js Auth Guard JWT Authentication constantly returns 401 unauthorized
- Create Signature in Openssl for a JWT for the AS400/iSeries/IBM i
- Generating JWT token with JwtUtil class in Spring Boot resulting in NullPointerException
- Go Gin Setting and Accessing context value from middleware
- Apply method in my AuthenticationFilter not getting called
- Getting something went wrong when added google private passes
- JWT strings must contain exactly 2 period characters. Found: 0
- request.getheader("Authorization") returning null
- Spring Boot with JWT : Full authentication is required to access this resource
- Is it possible to create a JWT authentication or something similar in Node.js without using frameworks?
- Next-auth getToken dont working on serverside
- Azure Function to generate JWT token error desterilising private key stored in key vault secret
- WebFluxSecurity does not add Authentication to SecurityContext
- Illegal base64url character: ' ' when getting claims/decode from token Java JWT Spring Boot
- IDX12723: Unable to decode the payload '[PII of type 'System.String' is hidden
- Custom encryption approach in PHP (like JWT) – is this secure enough
- Blazor Web App 9 (Server / Gloabl) JWT Authentication
- How to get "exp" from jwt token and compare with it current time to check if token is expired
- How to Properly Set Up Auth Middleware in Nuxt 3 with Node.js Backend?
- Coinbase: Authenticating with JWT in PHP
- Apim policy to validat token for b2b and as well as b2c tenant token endpoints
- how does OIDC /revoke work for JWT access_token when JWT validation is mostly stateless
- How can I sync JWT blacklists in PHP microservices without a bottleneck or SPOF?
- Why does Spring Boot return 403 Forbidden for a POST request to a secured endpoint even with a valid JWT?
- Calling api request inside an interceptor for jwt refresh token going to an infinite loop
- Blazor WASM - Component State from Server Missing