mikenicholson / passport-jwt

Passport authentication using JSON Web Tokens
MIT License

Multiple JWTs #122

Closed rotexhawk closed 7 years ago

rotexhawk commented 7 years ago

I am trying to pass multiple JWTs, one with the user info and the other one with the refresh token. I am using JWT for the refresh token because I can set up the expiration date. Per the docs I am using ExtractJwt.fromAuthHeaderWithScheme('REF') for the refresh token. The problem is that they don't work at the same time. I am using them for different routes but they still don't work. I think passport uses the same strategy for both of them.

mikenicholson commented 7 years ago

This strategy is really only designed to parse and verify a single JWT, not multiple.

Perhaps you should use the JWT containing the user info in conjunction with this strategy for authentication and then use some other mechanism to parse the refresh token from the request if you need that.

Closing for now since I don't think this is how the passport-jwt strategy is designed to work. Feel free to reopen if you have a code example or I'm missing something.
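
One way to handle the refresh token outside the strategy, as suggested above. This is an added example, not code from the thread or from passport-jwt. It assumes an HS256-signed refresh token sent as `Authorization: REF <token>` and Express-style `req`/`res`; the secret and all function names are hypothetical.

```javascript
const crypto = require('node:crypto');

const REFRESH_SECRET = 'constructed-demo-secret'; // assumption: HS256 shared secret

// Pull the token out of "Authorization: REF <token>" (scheme matched case-insensitively).
function extractRefreshToken(req) {
  const header = (req.headers && req.headers.authorization) || '';
  const match = /^REF\s+(\S+)$/i.exec(header.trim());
  return match ? match[1] : null;
}

// Verify an HS256 JWT: pinned algorithm, constant-time signature check, mandatory expiry.
function verifyRefreshToken(token, secret, nowSeconds = Math.floor(Date.now() / 1000)) {
  const parts = String(token).split('.');
  if (parts.length !== 3) throw new Error('malformed token');
  const [h, p, sig] = parts;
  const header = JSON.parse(Buffer.from(h, 'base64url').toString('utf8'));
  if (header.alg !== 'HS256') throw new Error('unexpected alg'); // never trust the token's own alg
  const expected = crypto.createHmac('sha256', secret).update(`${h}.${p}`).digest();
  const given = Buffer.from(sig, 'base64url');
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) {
    throw new Error('bad signature');
  }
  const payload = JSON.parse(Buffer.from(p, 'base64url').toString('utf8'));
  if (typeof payload.exp !== 'number' || payload.exp <= nowSeconds) throw new Error('expired');
  return payload;
}

// Middleware for the refresh route only; other routes keep using the passport-jwt strategy.
function requireRefreshToken(req, res, next) {
  try {
    const token = extractRefreshToken(req);
    if (!token) throw new Error('missing refresh token');
    req.refresh = verifyRefreshToken(token, REFRESH_SECRET);
    next();
  } catch (err) {
    res.statusCode = 401; // same response for every failure reason
    res.end('invalid refresh token');
  }
}

// Constructed helper so the sample runs offline: signs a demo token.
function signDemoToken(payload, secret) {
  const enc = (o) => Buffer.from(JSON.stringify(o)).toString('base64url');
  const body = `${enc({ alg: 'HS256', typ: 'JWT' })}.${enc(payload)}`;
  return `${body}.${crypto.createHmac('sha256', secret).update(body).digest('base64url')}`;
}
```

Keeping the refresh token on its own scheme and its own secret means an access token presented to the refresh route fails verification instead of being accepted.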