I am trying to authorise my JWT token with passport middleware but the strategy callback function is not getting called.
In my app.js file, I am specifying for my /users routes to use the middleware like so:
app.use('/users', passport.authenticate('jwt', { session: false }), users);
I then have a seperate file ./passport.js (which I have required at the top of my app.js) where I specify my passport strategy:
passport.use(new JWTStrategy({
jwtFromRequest: ExtractJWT.fromAuthHeaderAsBearerToken(),
secretOrKey : 'jwt_secret_key'
},
function (jwtPayload, cb) {
console.log('jwtPayload', jwtPayload)
}
));
I can't get the console log to run though.
I am using postman to test this and have selected Bearer Token from the authorization options. I can see that this is adding a header to my request.
When I log my request object in my node app, I can see it looks like this:
headers: {
authorization: 'Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJfaWQiOiI1YWM0YWI2ZTk1MWJiMjE1M2NhMjc0OWUiLCJmaXJzdF9uYW1lIjoiQW5kcmV3IiwibGFzdF9uYW1lIjoiTWNDYWxsdW0iLCJlbWFpbCI6ImFtY2NhbGx1bTg5QGdtYWlsLmNvbSIsImlhdCI6MTUyMjg0NzEyNSwiZXhwIjoxNTIyODUwNzI1fQ.WH12GJHMGrGsiJNIwUG2Dx_a9cZKjw7_SW8FYlEvLmk',
accept: '*/*',
host: 'localhost:3037',
},
So the middleware should detect the bearer token and call the middleware?
Any help would be appreciated
Turns out my secretOrKey didn't match my secretOrKey where I was creating my JWT token.
I.E passport strategy needs to have the same secretOrKey
passport.use(new JWTStrategy({
jwtFromRequest: ExtractJWT.fromAuthHeaderAsBearerToken(),
secretOrKey : 'jwt_secret_key'
},
function (jwtPayload, cb) {
console.log('jwtPayload', jwtPayload)
}
));
as
const secretOrKey = 'jwt_secret_key'
const token = jwt.sign(payload, secretOrKey, { expiresIn });