mikenicholson / passport-jwt

Passport authentication using JSON Web Tokens
MIT License

How to differ wrong and expired tokens #119

Closed DzmitryU closed 7 years ago

DzmitryU commented 7 years ago

Hello everyone!

Now I use the following code for authentication:

const jwtOptions = {
    jwtFromRequest: ExtractJwt.fromAuthHeader(),
    secretOrKey: 'jwtSecret'
};

...

passport.use(new JwtStrategy(jwtOptions, (payload, done) => done(null, payload)));

...

passport.authenticate('jwt', { session: false },
    (err, payload) => {
        if (payload) {
            ...
        } else {
            ...
        }
    })

But for an expired or a wrong token I get payload=false and err=null. Is there any way to handle these different cases and determine what caused the empty payload (if the token was wrong/missing or expired)?

noinkling commented 7 years ago

Add a third parameter to the authenticate callback (e.g. info). If verification fails that will contain the specific error.

See #75 for more info

mikenicholson commented 7 years ago

Looks like @noinkling answered the question sufficiently.
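
The third-parameter approach from the answer above, as an added example that is not part of the original thread or of passport-jwt's code: a self-contained stand-in for the `(err, payload, info)` callback using only Node's `crypto`. The `authenticate` and `handle` functions are hypothetical, and the `info` names (`TokenExpiredError`, `JsonWebTokenError`, a plain `Error` for a missing token) are assumed to match what the strategy passes through from its JWT verification.

```javascript
const crypto = require('node:crypto');

const SECRET = 'jwtSecret'; // same placeholder secret as the question; never a real key
const mac = (data) => crypto.createHmac('sha256', SECRET).update(data).digest();
const enc = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64url');

// Constructed helper: issue an HS256 token for the demo.
function sign(payload) {
  const data = `${enc({ alg: 'HS256', typ: 'JWT' })}.${enc(payload)}`;
  return `${data}.${mac(data).toString('base64url')}`;
}

// Hypothetical stand-in for the custom callback contract: cb(err, payload, info).
// On a verification failure err is null, payload is false, and info says why.
function authenticate(token, now, cb) {
  const fail = (name, message) => cb(null, false, { name, message });
  if (!token) return fail('Error', 'No auth token');
  const parts = token.split('.');
  if (parts.length !== 3) return fail('JsonWebTokenError', 'jwt malformed');
  // The algorithm is pinned to HS256 here; the token header is never trusted.
  const expected = mac(`${parts[0]}.${parts[1]}`);
  const given = Buffer.from(parts[2], 'base64url');
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) {
    return fail('JsonWebTokenError', 'invalid signature');
  }
  let payload;
  try {
    payload = JSON.parse(Buffer.from(parts[1], 'base64url').toString());
    if (payload === null || typeof payload !== 'object') throw new Error('not an object');
  } catch {
    return fail('JsonWebTokenError', 'jwt malformed');
  }
  if (typeof payload.exp === 'number' && now >= payload.exp) {
    return fail('TokenExpiredError', 'jwt expired');
  }
  return cb(null, payload);
}

// The three-argument callback: branch on info instead of treating every false alike.
function handle(token, now) {
  let res;
  authenticate(token, now, (err, payload, info) => {
    if (err) res = { status: 500 };
    else if (payload) res = { status: 200, user: payload.sub };
    else if (info.name === 'TokenExpiredError') res = { status: 401, code: 'token_expired' };
    else res = { status: 401, code: 'invalid_token', logged: info.message };
  });
  return res;
}
```

Returning a single `invalid_token` code to the client while keeping `info.message` for server-side logs avoids telling a caller which check failed; only the expired case gets its own code so a client can refresh.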