Open jovi-tsx opened 2 years ago
So, I made a few changes:
// jwtStrategy.js
passport.use(new JwtStrategy(
{
jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
secretOrKey,
},
(payload, done) => {
console.log(payload)
return done(null, payload)
},
))
// googleAuth.js
authRouter.get('/callback', passport.authenticate('google', {
failureRedirect: '/',
session: false
}), (req, res) => {
const user = {
display_name: req.user.displayName,
email: req.user._json.email,
provider: req.user.provider
}
const token = generateJWT(user)
req.headers.authorization = `Bearer ${token}`
res.redirect('/')
})
If I try to GET my url with postman passing in the header my bearer key, my page works fine, but in browser i always get unauthorized and when i check debug tool, in my request headers, Authorization
isn't there.
This will not work because your token is not in a header value but in a cookie, you need to use the coockieExtractor for this.
x-auth-cookie
is not a header value, Cookie
is but it is not common to use the cookie header directly.
You are looking for something like this: request.headers.authorization = token;
please consult the documentation of express on how to set a header value.
Why is my routes always getting unauthorized?
This is where i'm setting my JWT Token:
This is how i'm generating the token (gerateJWT):
This is my JWT Strategy:
In my route i'm just using:
My request headers:
My JWT Strategy doesn't even reach the payload/done callback, tried to console log and nothing, I tried everything