ExpiresIn does not working

[odisi]

I issued my token in this way:

`function issueJWT(user) { const _id = user._id;

const expiresIn = '1m';

const payload = {
    sub: _id,
    iat: Date.now()
};

const signedToken = jsonwebtoken.sign(payload, PRIV_KEY, { expiresIn: expiresIn, algorithm: 'RS256' });

return {
    token: "Bearer " + signedToken,
    expires: expiresIn
}

}`

And I am using the passport authenticate:

router.get('/protected', passport.authenticate('jwt', { session: false }), (req, res, next) => { res.status(200).json({ success: true, msg: "You are successfully authenticated to this route!" }); });

And finally I have this code that configure the strategy:

`const options = { jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(), secretOrKey: PUB_KEY, algorithms: ['RS256'], ignoreExpiration: false };

module.exports = (passport) => { passport.use(new JwtStrategy(options, function (jwt_payload, done) { User.findOne({ _id: jwt_payload.sub }, function (err, user) { if (err) { return done(err, false); }

        if (user) {
            return done(null, user);
        }
        else {
            return done(null, false);
        }
    });
}));

}`

Even though the token is expired, the last code is called. I read the documentation but does not have nothing in there. I thought some error could be returned and the last code does not should be called.

Anyone could help me?

[mikenicholson]

Unfortunately, I'm not able to troubleshoot other peoples code. If you discover a reproducible issue with this module please open an issue with a unit test, succinct code snippet or detailed instructions to reproduce.

Consider asking a question on stack overflow. Best of luck.