search

mikenicholson / passport-jwt

Passport authentication using JSON Web Tokens
MIT License
1.97k stars 214 forks source link

Fails while access without authentication #109

Closed fylhsq123 closed 7 years ago

fylhsq123 commented 7 years ago

Issue appears while I'm trying to access my API as unauthorized user. For now my code looks like:

apiRoutes.get('/userinfo', passport.authenticate('jwt', { session: false}), function(req, res) {
  var token = getToken(req.headers);
  if (token) {
    //...doing my staff
  } else {
    return res.status(403).send({error: true, msg: 'Unauthorized user'});
  }
});

I've got this error: TypeError: parsed_url.query.hasOwnProperty is not a function at JwtStrategy.authenticate (...\node_modules\passport-jwt\lib\strategy.js:108:89)

I've fixed that adding one more check to the IF statement:

if (parsed_url.query && parsed_url.query.hasOwnProperty && parsed_url.query.hasOwnProperty(self._tokenQueryParameterName)) {
            token = parsed_url.query[self._tokenQueryParameterName];
 }

I don't know if it's correct? Or I'm doing something wrong.

...sorry, I'm using version 1.2.1. So, maybe this issue is closed now...

mikenicholson commented 7 years ago

Yes, this was fixed a long time ago. Please update to the latest version, the readme provides instructions on migrating from 1. to 2..