You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
jwt.verify() function returns invalid signature although the signature is correct. The code was working 2 days ago with no changes, now it always returns invalid signature.
Token generation is working and it's valid based on https://jwt.io verification but verifying the token is throwing an error.
I debugged the issue and the cause from the below condition (package code, not my code).
try{// jws.verify return false which let it throw JsonWebTokenError('invalid signature') in below condition.valid=jws.verify(jwtString,decodedToken.header.alg,secretOrPublicKey);}catch(e){returndone(e);}if(!valid){returndone(newJsonWebTokenError('invalid signature'));}
Reproduction
Detail the steps taken to reproduce this error, what was expected, and whether this issue can be reproduced consistently or if it is intermittent.
create a profile and generate a new token for a specific user using the below function.
functiongenerateAccessToken(user){// user == {username: 'mike'}// process.parsed.ACCESS_TOKEN_SECRET == testreturnjwt.sign(user,process.parsed.ACCESS_TOKEN_SECRET,{expiresIn: "7d",});}
Verify the generated token.
// process.parsed.ACCESS_TOKEN_SECRET == testjwt.verify(token,process.parsed.ACCESS_TOKEN_SECRET,async(err,user)=>{// err == Invalid Signatureif(err)returnres.status(403).send(Response.forbidden({}));// check database and compare the tokensconstdbToken=awaitgetTokenByUsername(user.username);// check tokensif(token===dbToken){req.user=user;returnnext();}returnres.status(403).send(Response.forbidden({}));});
Description
jwt.verify() function returns
invalid signature
although the signature is correct. The code was working 2 days ago with no changes, now it always returnsinvalid signature
.Token generation is working and it's valid based on https://jwt.io verification but verifying the token is throwing an error.
I debugged the issue and the cause from the below condition (package code, not my code).
Reproduction
Error: JsonWebTokenError: invalid signature
Environment
The text was updated successfully, but these errors were encountered: