mikenicholson / passport-jwt

Passport authentication using JSON Web Tokens
MIT License

What am I doing wrong #138

Closed shifatul-i closed 6 years ago

shifatul-i commented 6 years ago

I don't know what happened, but my Passport Jwt Auth is not working.

In app.js

```js
app.use(passport.initialize());

passport.serializeUser(function (user, done) {
    done(null, user);
});
passport.deserializeUser(function (user, done) {
    done(null, user);
});

passport.use(new JwtStrategy({
        secretOrKey: jwtSecret,
        jwtFromRequest: JwtExtract.fromAuthHeaderAsBearerToken()
    }, function (payload, done) {
        console.log("Auth : JwtStrategy");
        moduleUser.User.findById(payload._doc._id)
            .exec()
            .then(function (user) {
                    if (user) done(null, user);
                    else done(null, false);
                }
            )
            .catch(function (err) {
                return done(err, false);
            });
    }
));
```

NOTE: console.log("Auth : JwtStrategy"); never gets called

My Login API

```js
router.post('/login', function (req, res) {
    if (req.body.username && req.body.password) {
        moduleUser.User.findOne({username: req.body.username, password: req.body.password})
            .exec()
            .then(function (user) {
                if (user) {
                    res.json({
                        success: true,
                        message: 'Login successful',
                        token: 'JWT ' + jwt.sign(user.toObject(), jwtSecret, {expiresIn: '14 days'})
                    });
                } else {
                    res.json({
                        success: false,
                        message: 'Please enter valid login details'
                    });
                }
            })
    } else {
        res.status(401).json({
            error: 'All information not provided'
        });
    }
});
```

And my non-working private route

```js
router.get('/private', passport.authenticate('jwt', {session: false}),
    function (req, res) {
        res.send('respond with a resource!!!!');
    }
);
```

I always receive 401 as a response

URL: http://localhost:5000/users/private

Headers-> Authorization: JWT eyJhb......

Am I doing anything wrong here? Any help is appreciated

haidang666 commented 6 years ago

I have the same problem; it seems passport-jwt does not recognize the header

nexig commented 6 years ago

@ThunderRoid if you use jwtFromRequest: JwtExtract.fromAuthHeaderAsBearerToken() maybe you should set your header like this -> Authorization: Bearer eyJhb......

shifatul-i commented 6 years ago

@nexig the documentation doesn't say anything about Authorization: Bearer eyJhb...... But I will try it out and let you know. Thank you

nexig commented 6 years ago

@ThunderRoid the readme says:

bearer

The scheme of Bearer is like I commented above. Please try it and let me know ;)

shifatul-i commented 6 years ago

It works perfectly now, THANKS so much

But why does the documentation say.....

image

haidang666 commented 6 years ago

'JWT' if no auth schema was specified. Take a look at the function you used, which is fromAuthHeaderAsBearerToken() (bearer schema)

mikenicholson commented 6 years ago

Ah, looks like that bit of the README fell out of date. I will correct this.
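The scheme mismatch resolved in this thread, as an added example (not code from passport-jwt or from any commenter): a simplified stand-alone model of scheme-based extraction showing why an `Authorization: JWT ...` header gives a 401 before the verify callback runs when the extractor expects `Bearer`. The helper names `parseAuthHeader`, `extractorForScheme` and `authenticate`, and the token value, are constructed for illustration.

```javascript
// Simplified model of scheme-based token extraction; helper names are hypothetical.
function parseAuthHeader(value) {
  if (typeof value !== 'string') return null;
  const m = value.trim().match(/^(\S+)\s+(\S+)$/);
  return m ? { scheme: m[1], token: m[2] } : null;
}

// Returns an extractor that accepts only the given scheme (case-insensitive).
function extractorForScheme(scheme) {
  const wanted = scheme.toLowerCase();
  return function (req) {
    const parsed = parseAuthHeader(req.headers['authorization']);
    return parsed && parsed.scheme.toLowerCase() === wanted ? parsed.token : null;
  };
}

// Models the order of operations: extract first, call verify only if a token was found.
function authenticate(req, extractor, verify) {
  const token = extractor(req);
  if (!token) return { status: 401, verifyCalled: false, reason: 'No auth token' };
  return { status: verify(token) ? 200 : 401, verifyCalled: true };
}

const bearer = extractorForScheme('bearer'); // models fromAuthHeaderAsBearerToken()
const jwtScheme = extractorForScheme('jwt'); // models an extractor configured for "JWT"

// Stand-in for signature verification; the token is a constructed sample value.
const verify = (token) => token === 'eyJ.constructed.token';

// Header as the login route in this thread produces it ('JWT ' + token).
const sentByLogin = { headers: { authorization: 'JWT eyJ.constructed.token' } };
// Header after the fix suggested in the thread.
const corrected = { headers: { authorization: 'Bearer eyJ.constructed.token' } };

console.log(authenticate(sentByLogin, bearer, verify));    // 401, verify never called
console.log(authenticate(corrected, bearer, verify));      // 200
console.log(authenticate(sentByLogin, jwtScheme, verify)); // 200
```

Either side can be changed to make the two agree: send `Bearer` from the client, or keep the `JWT` prefix and configure the strategy with passport-jwt's `fromAuthHeaderWithScheme('jwt')` extractor.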