unauthorized when posting users/profile

[ranjanmishra07]

i copied all the code same to same still getting unauthorized when trying to post the jwt token via localhost/users/profile

[itscodetime]

I had the same issue, I replaced ExtractJwt.fromAuthHeader with ExtractJwt.fromAuthHeaderWithScheme("jwt") in passport.js.

[aertan]

I had the same problem. First I changed opts.jwtFromRequest = ExtractJwt.fromAuthHeader() to ExtractJwt.fromAuthHeaderWithScheme('jwt') in the passport.js file.

Important Note: If you had problems with ExtractJwt.fromAuthHeader() and changed it to ExtractJwt.fromAuthHeaderAsBearerToken() this was a wrong solution. I know, been there.

The change I mentioned above makes way for another error on the next line since it cannot find any _id in jwt_payload. You need to change the line User.getUserById(jwt_payload._doc._id to User.getUserByUsername(jwt_payload.username and voila! You're in without any issues.

[pscheich]

Hey, i had the same problem. My solution in the passport.js is to change //opts.jwtFromRequest = ExtractJwt.fromAuthHeaderAsBearerToken(); opts.jwtFromRequest = ExtractJwt.fromAuthHeaderWithScheme('jwt');

after taking a look to _console.log(jwtpayload); I got this output: { data: { _id: '59eb44af9c219b2d89f2da83', name: 'testi tester', email: 'test@test.test', username: 'test', password: '$2a$10$eBLcxGItjHaVCDSgeFOoBOxxD72qo9ZQyfWk4tSvK3sgoVB5RmD/y', __v: 0 }, iat: 1508591069, exp: 1509195869 } Then I changed

_//User.getUserByUsername(jwt_payload.username, (err, user) => {
  User.getUserById(jwt_payload.data._id, (err, user) => {_

I hope this will help you. Is it better to check by id or by username? I think there no check if an username exists by registration. But this is maybe an other issue.

Greets

[shipcommit]

I'm having some trouble with this part as well.

I tried changing to User.getUserByUsername(jwt_payload.username, but getting Unauthorized with Postman.

On the other hand, if I use User.getUserByUsername(jwt_payload.username, I get this response from Postman:

TypeError: Cannot read property '_id' of undefined at JwtStrategy.passport.use.JwtStrategy [as _verify] (D:\directory\config\passport.js:11:39) at D:\directory\node_modules\passport-jwt\lib\strategy.js:123:34 at D:\directory\node_modules\passport-jwt\node_modules\jsonwebtoken\verify.js:27:18 at _combinedTickCallback (internal/process/next_tick.js:131:7) at process._tickCallback (internal/process/next_tick.js:180:9)

Here is all the code of my passport.js file:

const JwtStrategy = require('passport-jwt').Strategy; const ExtractJwt = require('passport-jwt').ExtractJwt; const User = require('../models/user'); const config = require('../config/database');

module.exports = function(passport){ let opts = {}; opts.jwtFromRequest = ExtractJwt.fromAuthHeaderWithScheme("jwt"); opts.secretOrKey = config.secret; passport.use(new JwtStrategy(opts, (jwt_payload, done) => { User.getUserById(jwt_payload.data._id, (err, user) => { if(err){ return done(err, false); }

  if(user){
    return done(null, user);
  } else {
    return done(null, false);
  }
});

})); }

[tomcatbuzz]

The code you posted is the same as what is in the repository. So if you changed it from ID to USERNAME somewhere else in the app then ofcourse you will get an error.

[tomcatbuzz]

The code you posted is the same as the repository, On Monday, January 15, 2018, 1:15:06 PM EST, snowcastlegit notifications@github.com wrote:

I'm having some trouble with this part as well.

I tried changing to User.getUserByUsername(jwt_payload.username, but getting Unauthorized with Postman.

On the other hand, if I use User.getUserByUsername(jwt_payload.username, I get this response from Postman:

TypeError: Cannot read property '_id' of undefined at JwtStrategy.passport.use.JwtStrategy [as _verify] (D:\directory\config\passport.js:11:39) at D:\directory\node_modules\passport-jwt\lib\strategy.js:123:34 at D:\directory\node_modules\passport-jwt\node_modules\jsonwebtoken\verify.js:27:18 at _combinedTickCallback (internal/process/next_tick.js:131:7) at process._tickCallback (internal/process/next_tick.js:180:9)

Here is all the code of my passport.js file:

`const JwtStrategy = require('passport-jwt').Strategy; const ExtractJwt = require('passport-jwt').ExtractJwt; const User = require('../models/user'); const config = require('../config/database');

module.exports = function(passport){ let opts = {}; opts.jwtFromRequest = ExtractJwt.fromAuthHeaderWithScheme("jwt"); opts.secretOrKey = config.secret; passport.use(new JwtStrategy(opts, (jwt_payload, done) => { User.getUserById(jwt_payload.data._id, (err, user) => { if(err){ return done(err, false); } if(user){ return done(null, user); } else { return done(null, false); } });

})); }`

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub, or mute the thread.

[shipcommit]

I'm using User.getUserById(jwt_payload.data._id and opts.jwtFromRequest = ExtractJwt.fromAuthHeaderWithScheme('jwt');. Copied most of the code from the repository, but getting this error in Postman:

ReferenceError: user is not defined at router.get (D:\Sync\Business\Projects\Secured.fyi\Website\v5\routes\users.js:64:23) at Layer.handle [as handle_request] (D:\Sync\Business\Projects\Secured.fyi\Website\v5\node_modules\express\lib\router\layer.js:95:5) at next (D:\Sync\Business\Projects\Secured.fyi\Website\v5\node_modules\express\lib\router\route.js:137:13) at complete (D:\Sync\Business\Projects\Secured.fyi\Website\v5\node_modules\passport\lib\middleware\authenticate.js:263:13) at D:\Sync\Business\Projects\Secured.fyi\Website\v5\node_modules\passport\lib\middleware\authenticate.js:270:15 at pass (D:\Sync\Business\Projects\Secured.fyi\Website\v5\node_modules\passport\lib\authenticator.js:431:14) at Authenticator.transformAuthInfo (D:\Sync\Business\Projects\Secured.fyi\Website\v5\node_modules\passport\lib\authenticator.js:453:5) at D:\Sync\Business\Projects\Secured.fyi\Website\v5\node_modules\passport\lib\middleware\authenticate.js:267:22 at IncomingMessage.req.login.req.logIn (D:\Sync\Business\Projects\Secured.fyi\Website\v5\node_modules\passport\lib\http\request.js:55:13) at JwtStrategy.strategy.success (D:\Sync\Business\Projects\Secured.fyi\Website\v5\node_modules\passport\lib\middleware\authenticate.js:248:13) at verified (D:\Sync\Business\Projects\Secured.fyi\Website\v5\node_modules\passport-jwt\lib\strategy.js:115:41) at User.getUserById (D:\Sync\Business\Projects\Secured.fyi\Website\v5\config\passport.js:17:16) at model.Query.<anonymous> (D:\Sync\Business\Projects\Secured.fyi\Website\v5\node_modules\mongoose\lib\model.js:4056:16) at D:\Sync\Business\Projects\Secured.fyi\Website\v5\node_modules\kareem\index.js:273:21 at D:\Sync\Business\Projects\Secured.fyi\Website\v5\node_modules\kareem\index.js:131:16 at _combinedTickCallback (internal/process/next_tick.js:131:7)

[shipcommit]

It worked after I had copy-pasted the code for users.js from the repository. Must have been a symbol or character that was wrong, which I couldn't find.

[tomcatbuzz]

Sounds good, and I agree sometimes even 1 small typo throws everything off. On Tuesday, January 16, 2018, 2:25:43 PM EST, snowcastlegit notifications@github.com wrote:

It worked after I had copy-pasted the code for users.js from the repository. Must have been a symbol or character that was wrong, which I couldn't find.

— You are receiving this because you commented. Reply to this email directly, view it on GitHub, or mute the thread.

[hg1803]

@tomcatbuzz Can you please share the whole project

[tomcatbuzz]

I don't understand your question. This is the Github Repo for the Original MeanAuthApp. That is the whole project. Follow the first page of the Readme file. Says clone or download the files, open in a terminal and run npm install.