Stack Overflow
Stack Overflow

Questions tagged [express-jwt]

Connect/express middleware that validates a JsonWebToken (JWT) and set the req.user with the attributes

Middleware that validates JsonWebTokens and set req.user.

This module lets you authenticate HTTP requests using JWT tokens, in your Node.js applications. JWT tokens are typically used protect API endpoints, and are often issued using OpenID Connect.

GitHub: https://github.com/auth0/express-jwt

375 questions
0
votes
1 answer

AngularJS: proper way of restoring state on page refresh?

Upon refresh (i.e. F5), everything on Angular scope is cleared and reloaded, so how can I restore the page where the user left off, including keeping him logged in/authenticated? There's a couple suggestions about how I can accomplish this, but most…
PDN
  • 771
  • 2
  • 13
  • 29
0
votes
1 answer

Having issues with JWT and express-JWT

I'm testing out express-jwt and jsonwebtokens. I've never used this before and would like some help! I've got the basics setup done and I only have one protected route. app.use('/api', expressJWT({secret: 'cat'})); Unfortunatley, i'm not able to…
b26
  • 188
  • 2
  • 11
0
votes
1 answer

How correctly work with JWT and node

I just start working with node app. For authentification I use JWT. So I have a question, how correctly work with it on UI and Backend side. For example I get token, save it on session storage and then I send request for some collection for current…
Lyntik22
  • 23
  • 6
0
votes
1 answer

Can you sign tokens using express-jwt since it seems to mainly focus on verification of JWT?

I am using an express app and I want to to implement token based authentication I wonder what libraries do I need mainly on both client side and server side? I looked at express-jwt I don't see that library can actually sign the web tokens but I can…
user1870400
  • 6,028
  • 13
  • 54
  • 115
0
votes
1 answer

How to revoke express-jwt tokens in express.js / passport-http-bearer

This is my router: expressJwt = require('express-jwt') router.post '/signin' , controller.signUp router.get '/signout/:id' , expressJwt(secret:secretToken, isRevoked: isRevokedCallback), controller.signOut This is my signOut…
Stephan Kristyn
  • 15,015
  • 14
  • 88
  • 147
0
votes
1 answer

JSON Web Token exp time confusion

What is a good expiration time for a JWT so that a user will never get logged out unless he cliks log out? Note that the node.js server could be up and running forever
OneMoreQuestion
  • 1,693
  • 3
  • 25
  • 51
0
votes
0 answers

Best practice to store secret for generating JWTs in a NodeJS app

I am using JWTs for authenticating users on a SPA (NodeJS backend, Angular frontend). I have a function in my User model to generate a JWT when the user signs in: // ./models/user.js - with Waterline as ORM var Waterline = require('Waterline'); var…
Ole Spaarmann
  • 15,845
  • 27
  • 98
  • 160
0
votes
1 answer

expressJwt: accessing req.user on page that does not require login

I am using expressJwt (https://github.com/auth0/express-jwt) to do my user validation for an angularjs website. I have an interesting situation where I have a URL (/username/somedata) where anyone can access this page. If they are not logged in, or…
codephobia
  • 1,580
  • 2
  • 17
  • 42
0
votes
1 answer

JWT for CSRF protection on unauthenicated endpoints?

I have a load of api endpoints that I want to protect from CSRF. I'd like to do this in a stateless way, so naturally JWT comes to mind. The problem is, these endpoints do not require the user to be logged in. So, my problem is, I can use JWT, but…
bluepnume
  • 16,460
  • 8
  • 38
  • 48
0
votes
1 answer

In express-jwt is there any way option similar to req.isAuthenticated() similar to passportjs?

I want to find whether the user is authenticated 'jwt' inside middleware. Is there any way like req.isAuthenticated() similar to passportjs? module.exports = function(app){ return function(req, res, next){ // How to implement the…
Ordre Nln
  • 157
  • 3
  • 11
0
votes
1 answer

Google API Callback on Stateless REST server

We are running a typical MEAN setup - Angular for the frontend rendering, node.js (express) as server. Static HTML/Javascript assets are served from node without requiring authentication. All data displayed in the frontend is requested by Angular…
Hinnerk
  • 145
  • 2
  • 7
0
votes
1 answer

With Express-jwt, how to use routing aliases?

This is the Express way of wiring the routing: // routes app.get('/grid', function .. .. app.use('/grid', expressJwt({secret : secret})); But when I use aliases to wire the routing (express >= 4) .. var gridRouter = express.Router() , authRouter …
Stephan Kristyn
  • 15,015
  • 14
  • 88
  • 147
0
votes
1 answer

Use of node's callback style

I have this code structure: app.post('/signin', function(req, res, next) { passport.authenticate('local-login', function(err, user, info) { if (err) { // return next(err); return res.send(401) } if (!user) { return res.send(401);…
Stephan Kristyn
  • 15,015
  • 14
  • 88
  • 147
0
votes
1 answer

Express-jwt with $window.localStorage throws SyntaxError

I was following this tutorial: https://auth0.com/blog/2014/01/07/angularjs-authentication-with-cookies-vs-token/ When a http request is made to the /restricted from the front-end, I get this error in the cmd: SyntaxError: Unexpected token m at…
Markus Pint
  • 348
  • 3
  • 17
0
votes
1 answer

What is the point of signing jwt if it can be decrypted without it

I am experimenting with jwt , and while doing some research i fount this JWT DECODER i thought i would have to enter token and my secret key to decrypt the token . But i was surprised see it only required token to decrypt it. What is the use of…
user2373881
  • 119
  • 1
  • 2
  • 10
1 2 3
24
25