Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Not able to get jwt token from authorization header #190

Closed
JohnnyHandy opened this issue Dec 13, 2019 · 2 comments
Closed

Not able to get jwt token from authorization header #190

JohnnyHandy opened this issue Dec 13, 2019 · 2 comments

Comments

@JohnnyHandy
Copy link

Whenever I make the request with postman with the bearer token feature, it works and I get access to the route, but when I am trying to do it out of postman, on my browser, it does not work and I only get "Unauthorized"

Passport.js

const options = {
        jwtFromRequest:ExtractJWT.fromAuthHeaderAsBearerToken(),
        secretOrKey:jwtSecret.secret
    };
    
    passport.use(
        'jwt',
        new JWTStrategy(options,(jwt_payload,done)=>{
            console.log('jwt from request '+options.jwtFromRequest);
            try{
                User.findOne({
                    where:{
                        id:jwt_payload.id
                    },
                }).then(user=>{
                    if(user){
                        console.log('User found in DB in passport')
                        done(null,user)
                    }else{
                        console.log('User not found in db');
                        done(null,false)
                    }
                });
            } catch(err){
                done(err)
            }
        })
    )

Login Route ;
notice that I am doind a res.set to set the header as authorization: 'bearer ' + token to set the header. It sets the header, but when I try to access the protected route, the passport jwt does not seem to get the header value or something like it

router.post('/', (req,res,next)=>{
    passport.authenticate('login',(err,user,info)=>{
        if(err){
            console.log(err)
        }
        if(info !== undefined){
            console.log(info.message + 'line 17');
            res.send(info.message);
        }else{
            req.logIn(user,err=>{
                    console.log('user>'+JSON.stringify(user))
                    const token = jwt.sign({id:user.id},jwtSecret.secret);
                    res.set('authorization','Bearer '+token)
                    res.status(200).send({
                        auth:true,
                        token:token,
                        message:'User found & logged in'
                    })
            })
        }
    })(req,res,next)
})

I dont think that is relevant to mention it here, but the route that I am trying to access is this one:

var findUsers = require('./routes/findUser')
app.use('/findUser',passport.authenticate('jwt', { session: false }),findUsers)

TL;DR: Cant have access to protected route in my browser, but when I do the request with postman it works!
@JohnnyHandy JohnnyHandy mentioned this issue Dec 15, 2019
Closed
@mjzalewski
Copy link

Authorization is a request header, not really valid in the response. So your browser is probably not sending back an Authorization header just because you sent it in the previous response.

@mikenicholson
Copy link
Owner

Closing as Github issues are not the right place for this kind of request. Please use issues for bugs or problems with the functionality of this module. For help with implementation or debugging consider stack overflow or the many tutorials available.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@mikenicholson @mjzalewski @JohnnyHandy