1

I am able to create jwt on successful user login. But when I am using jwt strategy for other routes, I am getting 'WWW-Authenticate →Token' in the header also error comes :

{
    "statusCode": 401,
    "error": "Unauthorized",
    "message": "Missing authentication"
}



 {
    method: 'GET',
    path: '/example',
    config: {
        auth: {
            strategy: 'jwt'
        },
        handler: function(request,
        reply){
            returnreply('Success,
            youcanaccessasecureroute!');
        }
    }
}

If anybody knew how I remove this error please reply.

Garima
  • 1,566
  • 2
  • 11
  • 14
  • 2
    You have to send the token in the request `Authorization` header. – Matt Harrison Jun 24 '16 at 06:36
  • Thanks, its done. Do you have any idea of setting 'hapi-auth-bearer-token' .? Please let me know. – Garima Jun 24 '16 at 06:49
  • How to stop passing jwt token in header after logout? – Garima Jun 24 '16 at 07:11
  • Because now I am sending token in 'Authorization Header' using POSTMAN. So after logout too if anyone else send the same token in 'Authorization Header', then anyone can access the route as by jwt.decode, we get the id that exists in db. Please tell me how it can be done securely? – Garima Jun 24 '16 at 07:50

0 Answers0