This is my router:

    expressJwt = require('express-jwt')
    router.post '/signin', controller.signUp
    router.get '/signout/:id', expressJwt(secret:secretToken, isRevoked: isRevokedCallback), controller.signOut

This is my signOut endpoint:

    exports.signOut = (req, res) ->
      console.log res.user

What do I need to put into my endpoint to revoke the token?
I tried putting this function into my router:

    isRevokedCallback = (req, payload, done) ->
      for key, value of payload
        console.log(key + ' ' + value)
      # The below part does not work. Also I don't know what data should refer to
      issuer = payload.iss
      tokenId = payload.jti
      data.getRevokedToken issuer, tokenId, (err, token) ->
        if err
          return done(err)
        done null, ! !token
      return

The list comprehension indeed logs out:

    iat 1436437563
    exp 1436653563

And there is also a user object in my endpoint logged out:

    user [object Object]

Now how to put the pieces together and revoke the JWT Token, so that the user whose token it is is not able to log in anymore with that Token (or alternatively expire it immediately)?
Here is some sample console log of my user object:

    { user:
       { __v: 0,
         _id: '559e6aad50cdf686db31ea55',
         local:
          { password: '$2a$08$YBvzOWADlw9tZCDh3aG/j.gV.Tbaesk3pLbbiHL/lkGaC08bSbGmy',
            email: 'dieter@mustermann.de' } },
      iat: 1436445357,
      exp: 1436661357 }
    GET /user/signout/559e6aad50cdf686db31ea55 401 2.530 ms - 12
    ERROR:Error: expected 200 "OK", got 401 "Unauthorized"
    1) should sign out via passport.js
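
One way to wire up revocation for the setup in the question, as an added example that is not part of the original post: the logged payload carries only `user`, `iat` and `exp`, so there is no `jti` for a lookup to key on, and the example adds one at sign-in and keeps a denylist of revoked ids. `buildClaims`, `revokeToken`, `purgeExpired` and the in-memory `Map` are hypothetical names and choices; only the `(req, payload, done)` callback signature comes from the page.

```javascript
const { randomUUID } = require('crypto');

// Denylist: jti -> exp (seconds since epoch). Assumption: in-memory Map for the
// demo; several server processes would need a shared store instead.
const revoked = new Map();

// Claims to sign at sign-in. Only the user id goes in (not the user document
// with its password hash), plus a unique jti that revocation can key on.
function buildClaims(userId, ttlSeconds, now = Math.floor(Date.now() / 1000)) {
  return { sub: userId, jti: randomUUID(), iat: now, exp: now + ttlSeconds };
}

// Record a verified token's jti until the token would have expired anyway.
function revokeToken(payload) {
  if (!payload || typeof payload.jti !== 'string') {
    throw new Error('token has no jti claim');
  }
  revoked.set(payload.jti, payload.exp);
}

// Same (req, payload, done) signature as the callback in the question.
function isRevokedCallback(req, payload, done) {
  // Fail closed: a token without a jti cannot be looked up, so reject it.
  if (!payload || typeof payload.jti !== 'string') return done(null, true);
  return done(null, revoked.has(payload.jti));
}

// Sign-out handler. Assumption: the middleware has put the decoded payload
// on req.user, as the object logged in the question suggests.
function signOut(req, res) {
  revokeToken(req.user);
  res.sendStatus(200);
}

// Housekeeping: expired tokens are rejected on exp alone, so drop their entries.
function purgeExpired(now = Math.floor(Date.now() / 1000)) {
  let removed = 0;
  for (const [jti, exp] of revoked) {
    if (exp <= now) {
      revoked.delete(jti);
      removed += 1;
    }
  }
  return removed;
}
```

The object returned by `buildClaims` is what would be passed to the signing call in the sign-in handler in place of the whole user document.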