search

maxgalbu / adonis5-jwt

JWT Authentication service for Adonisjs v5
MIT License
86 stars 15 forks source link

Trying to create a brand new token from login results in E_INVALID_TOKEN_EXPIRY #13

Closed evoactivity closed 2 years ago

evoactivity commented 2 years ago 
export default class AuthenticationController {
  public async signUp({ request, response, auth }: HttpContextContract) {
    const { email, password } = await request.validate(SignUpUser);

    const user = new User();

    user.email = email;
    user.password = password;

    try {
      await user.save();

      const jwt = await auth.use('jwt').generate(user);
      return jwt;
    } catch (error) {
      console.log(error);
      return response.badRequest('Invalid credentials ');
    }
  }
}
    jwt: {
      driver: 'jwt',
      publicKey: Env.get('JWT_PUBLIC_KEY', '').replace(/\\n/g, '\n'),
      privateKey: Env.get('JWT_PRIVATE_KEY', '').replace(/\\n/g, '\n'),
      persistJwt: false,
      jwtDefaultExpire: '10m',
      refreshTokenDefaultExpire: '1d',
      tokenProvider: {
        type: 'jwt',
        driver: 'redis',
        redisConnection: 'local',
        foreignKey: 'user_id'
      },
      provider: {
        driver: 'lucid',
        identifierKey: 'id',
        uids: [],
        model: () => import('App/Models/User')
      }
    }
Exception: E_INVALID_TOKEN_EXPIRY: The refresh token expiry date/time should be in the future
    at JwtRedisProvider.write (/Users/z/project/node_modules/adonis5-jwt/build/lib/TokenProviders/JwtRedisProvider.js:99:19)
    at JWTGuard.login (/Users/z/project/node_modules/adonis5-jwt/build/lib/Guards/JwtGuard.js:228:38)
    at AuthenticationController.signUp (/Users/z/project/app/Controllers/Http/AuthenticationController.ts:17:19)
    at Object.PreCompiler.runRouteHandler [as fn] (/Users/z/project/node_modules/@adonisjs/http-server/build/src/Server/PreCompiler/index.js:47:31)
    at Server.handleRequest (/Users/z/project/node_modules/@adonisjs/http-server/build/src/Server/index.js:108:13)

If I change persistJwt: false to persistJwt: true it works as expected.

I also had to install @adonis/sink into my application to run node ace configure adonis5-jwt even though yarn why @adonis/sink showed the dependency was installed by adonis.

maxgalbu commented 2 years ago

I think I fixed it 15 days ago, it was missing the redis tokenProvider for refresh token: https://github.com/maxgalbu/adonis5-jwt/releases/tag/v1.1.6

Please try to update to 1.1.6 and report back 😄

evoactivity commented 2 years ago

I upgraded, set persistJwt: false and all my authentication tests still pass :)

Thanks!