reactjsnode.jscookiesjwtmern
How to log out and clear cookies after jsonwebtoken expires?
Since the lifetime of JWT token is 15 seconds, I want to clear the cookie after that time. But I don't know how to do it properly. Does it need to be done on the server side or can it be done on the client side? Code with description below
Using mongoose I create a user model and add a JWT token to it.
const mongoose = require('mongoose');
const jwt = require('jsonwebtoken');
const userSchema = new mongoose.Schema({
email: { type: String, required: true },
password: { type: String, required: true },
});
userSchema.methods.generateAuthToken = function() {
const token = jwt.sign({ _id: this._id }, process.env.JWTPRIVATEKEY, {expiresIn: "15s"})
return token
};
const User = mongoose.model('users', userSchema);
module.exports = { User }
const router = require('express').Router();
const { User } = require('../models/User');
router.post('/', async (req, res) => {
try {
const user = await User.findOne({ email: req.body.email });
const token = user.generateAuthToken();
res.status(200).send({ data: token, message: "Logging in is successful" });
} catch (error) {
console.log(error);
res.status(500).send({ message: 'Internal Server Error' })
}
});
data: token This is the key issued by JWT. Recall that this is the JWT token that is created when a user is created. See the previous code
Next is a simple form where I make a request and receive a token in response, which I store in cookies
import { Cookies } from "react-cookie";
const cookies = new Cookies();
const handleChange = ({ currentTarget: input }) => {
setData({ ...data, [input.name]: input.value });
};
const handleSubmit = async (event) => {
event.preventDefault();
try {
const url = "http://localhost:8080/api/auth";
const { data: res } = await axios.post(url, data);
cookies.set('token', res.data);
} catch (error) {}
<form onSubmit={handleSubmit}>
<input type="email" name={"email"} value={data.email} onChange={handleChange} required placeholder={"Email"} />
<input type="password" name={"password"} value={data.password} onChange={handleChange} required placeholder={"Password"} />
<button type="submit">Login</button>
</form>
And this is the JWT token I mentioned above.
Solution
You would check if the JWT token has expired on the client side before running any requests that need it using jwt.verify().
jwt.verify(token, 'shhhhh', function(err, decoded) {
if (err) {
/*
err = {
name: 'TokenExpiredError',
message: 'jwt expired',
expiredAt: 1408621000
}
*/
}
});
Inside the if (err), you would handle invalidating the user’s session, such as deleting the expired token from their cookies and redirecting them to your login form.
- Property 'toBeInTheDocument' does not exist on type 'Matchers<any>'
- Login to chrome extension via website with AWS amplify
- how to get react app to display api data as html instead of string when passed as prop
- Import "rest_framework" could not be resolved. But I have installed djangorestframework, I don't know what is going wrong
- Why is React component losing state sometime between setting state and keydown?
- CSS Modules and CSS keyframe animations
- Access token obtained with 'auth-code' login flow with 'drive.file' scope, later used for picking file and on the server returns "entity not found"
- _dirname is not defined in ES module scope
- How to pass returned value to different component
- Correct way to handle conditional styling in React
- Can i call componentWillUnmount (functional component) with current data?
- How to create unique keys for React elements?
- Warning: Text content did not match. Server: "I'm out" Client: "I'm in" div
- Compilation error due to (non-existant) import of react-refresh
- applying the same selectors on sibling have a slightly different behaviour
- Next js with react-leaflet window is not defined when refreshing page
- My Component in React JS application don't read the Headers from REST-Api - Headers is Empty
- react-select: How do I resolve “Warning: Prop `id` did not match”
- React Hooks - Input loses focus when 1 character is typed in
- WebSocket connection to 'wss://domain:3000/ws on production server. No websocket was actually installed
- How to remove Query Params
- Next js set query param. Why this way?
- How can I create a subrouter with React Router v6?
- useState or useRef for form submit
- How to add <canvas> support to my tests in Jest?
- Material-UI - How to customize dropdown icon in Autocomplete?
- How to render pseudo before content dynamically in styled-component
- I have a shopping app component that I only want to show on a particular page. Tried useLocation but the component has dynamic ids
- Nested Flexbox for navbar
- how to download file in react js