Issue I implemented JWT on the first VPS. On this server, I have controllers in Laravel and a database where users are stored. Now I want to add JWT on the second VPS. But JWT should get users from the
Continue readingTag: jwt
OpenID connect Successful response has # between redirect uri and access token
Issue I have setup an App in Azure Ad for Oauth 2.0 using JWT, the access token is returned successfully but the url has a hashtag(#)between the redirect URL and the access_token. Application is expecting a question mark(?) to complete
Continue readingIn SAML, what are the actions that need to be performed in the client and service provider to logout?
Issue I have gotten SAML Login working in a Go program using crewjam/samlwith a Keycloak IDP in SAML mode (I believe this is using SAMLv2 but not positive). The basics are that upon a good login, the IDP send the
Continue readinghow to get okta login page in java application
Issue I am new to okta and not sure if I understand the things correctly. I have an existing java web application and its deployed in 2 tomcat servers; one for UI and one Services. Now we are using Redhat
Continue readingDoes Nginx open source support OpenID and JWT
Issue I have a basic Nginx docker image, acting as a reverse-proxy, that currently uses basic authentication sitting in front of my application server. I’m looking for a way to integrate it with our SSO solution in development that uses
Continue readingHow to verify IdP ( identity Provider) token at resource server in Single sign-on flow using JWT for cross domain
Issue I am trying to develop a Single Sign On (SSO) using JWT for cross domain apps. After looking into few solution and threads i decided to go with following : Single sign-on flow using JWT for cross domain authentication
Continue readingHow to handle token refreshing in Spring Webflux WebClient
Issue I want to create some authentication service to be used for WebClient, so it automatically refresh the token when needed: @Service public class AuthService { private String token; private final WebClient webClient; private final Map<String, String> bodyValues; @Autowired public
Continue readingReferenceError: window is not defined in getServerSideProps for Next.js App And I Need to Store A Variable Persistantly in The getServerSideProps Func
Issue This is my getServerSideProps code: //@ts-ignore export async function getServerSideProps({ req, res, query }) { const { id } = query const cookies = Cookies(req, res) const jwt = cookies.get(‘lit-auth’) if (!jwt) { return { props: { authorized: false
Continue readingProblem with configuring NbAuthJWTInterceptor to format JWT tokens appropriately
Issue I am using ngx-admin for my new app. I have utilised the Nebular Auth framework to use JWT tokens to enable access to the back-end REST server. I can successfully authenticate and access the REST server when using Postman
Continue readinghow to include auth token on header everytime http request send?
Issue I use ngx-admin latest version, I have modify my app.module.ts like this: NbAuthModule.forRoot({ strategies: [ NbPasswordAuthStrategy.setup({ name: ’email’, baseEndpoint: ‘https://localhost:5001’, token: { class: NbAuthJWTToken, key: ‘token’ }, login: { // … endpoint: ‘/api/Auth/login’, redirect: { success: ‘/pages/dashboard’, failure: null,
Continue readingHow to update JWT version to 2.0?
Issue I have a JWT coming from Azure after authenticating myself via login.microsoftonline.com, that has the iss value of https://sts.windows.net/… (after doing some research, it seems this is due to the "ver": 1.0 of the JWT). In order to get
Continue readingHow to save an httpOnly cookie in an Angular application
Issue I’m trying to save an httpOnly cookie returned by an ASP.NET Core API with a jwt token in an Angular application, but as far as know (and I could verify that with some tests), it is not possible to
Continue readingHow to set Relogin on JWT expire MERN?
Issue I am facing an issue, my app is getting crashed with JWT Token Expired Error. I have changed the secret key also but still same issue I am facing. Here is the code : Mddleware: const auth = async
Continue readingLogout issue with Laravel JWT-auth authentication
Issue I’m use jwt-auth to make a RESTful auth resource in my API. When a client app calls the login resource, case user is logged, your current token must be invalidated and so a new token generated. But case the
Continue readingGoogle OpenID Connect Public Keys
Issue What exactly does the response from https://www.googleapis.com/oauth2/v3/certs mean? I am trying to verify a JWT I got via the Google OpenID Connect process using node-jsonwebtokens and the key used to verify the signature must be one of those two.
Continue readingCreate a NodeJS KeyObject from a string
Issue How do I create a NodeJS Crypto KeyObject from the randomish string in my .env file? I was using jsonwebtoken to create/verify JWTs, but it can’t run in nextjs middleware edge functions, so I want to migrate to using
Continue readingAuthenication with JWT returning empty array with a GET request [NodeJS]
Issue Trying to practice JWT with NodeJS but when I try to run a GET request using the headers of the Authorization: Bearer , it returns an array instead of the object with the token, I tried with the Postman
Continue readingNodejs with typescript TypeError: Passphrase required for encrypted key
Issue I am trying to make authentication with JWT in node js and following this tutorial https://www.becomebetterprogrammer.com/jwt-authentication-middleware-nodejs-typescript/ but now I am getting this error and don’t know how to solve it import { sign, SignOptions } from ‘jsonwebtoken’; import *
Continue readingIs it possible to create a JWT authentication or something similar in Node.js without using frameworks?
Issue I’m creating a Website and I’ve understood that the best authentication is through JWT, but I’m not a fun of frameworks because I like to go deep in the code and understand all the code in my files. Thus
Continue readingI can't get my httpOnly cookie from my post request using axios
Issue I am having an issue where I am not able to grab my cookies from my node.js backend. Below is my current code and when I console.log(req.cookies) It returns [Object: null prototype] {}. I had a similar issue in
Continue readingSocket.io – Authentication on every socket event for Session management
Issue How to use an authentication middleware that triggers on each socket event instead of each connection? I want to use this for session management in a react-node application. I’ll send a JWT token once a user logs in and
Continue readingHaving trouble with JsonWebToken; JsonWebToken Error: JWT must be provided
Issue I’m building my first SPA project with Vue. I decided to go with NodeJS for the back-end, however, I’m having a headache building the login function with the JsonWebToken. I had wrote some codes to see how JWT works
Continue readingIs JWT necessary over HTTPS communication?
Issue I’m developing a MEAN stack application, and I’m currently setting up an account system. I’ve seen several tutorials about Authentication, all using JWT. I am wondering if, JWT could be used as way to secure communication transport over non-secured
Continue readingtrying to empty out the cookie and error happens
Issue const logoutUser = (req, res) => { res .cookie("accessToken", "", { maxAge: 0, httpOnly: true }) .cookie("refreshToken", "", { maxAge: 0, httpOnly: true }) .status(200) .send({ thanks }); console.log("hello"); }; this is the error that arises CastError: Cast to
Continue readingCheck if token expired using this JWT library
Issue I’ve configured the token like this: jwt.sign( { user: pick(user, [‘_id’, ‘username’]) }, secret, { expiresIn: ‘2m’ } ); But when I want to check if the token was expired, this code doesn’t work: function isAuthenticated() { const token
Continue readingPassing authentication token in header while redirecting to a new SPA page
Issue Assume these: A ———————–> B (Sender website) (Angular website) We implemented a normal Angular SPA (B) that its index.html and other resources are simply hosted in IIS and there is a simple rewrite rule for handling the routes in
Continue readingprevent multiple login from same user in React Node App
Issue I am unable to understand what should I do to prevent multiple login of same user. I am using google login with firebase in my React Node App with JWT token. How to make user logged out if login
Continue readingNullInjectorError: No provider for JwtHelperService
Issue I’m in Angular 5. First: npm install @auth0/angular-jwt –save Then I import it: import { JwtHelperService } from ‘@auth0/angular-jwt’; This is my authentication service: import { JwtHelperService } from ‘@auth0/angular-jwt’; @Injectable() export class AuthService { constructor(public jwtHelper: JwtHelperService) {
Continue readingImpersonate user with google calendar API oauth2 service account (node.js)
Issue I am trying to use a server to server authentication through the google calendar API. In the documentation they mention you can impersonate a user. I have added owner permissions to the account I want to impersonate and made
Continue readingTypeError: expressJwt is not a function
Issue I’m trying to write middleware for user authorization in my app. I use this function to check if a route requires being sign in. The code is as follows: const { expressJwt } = require(‘express-jwt’); exports.requireSignin = expressJwt({ secret:
Continue readingAdd authentication to OPTIONS request
Issue How can I add headers to the OPTIONS request made towards a cross-domain API? The API I’m working against requires a JWT token set as Authorization header on all requests. When I try to access to the API Angular
Continue readingES6 imports for JWT
Issue I’m making a nodeJS web app and I’m using JWT for authentication. All my work is in ES6 modules and I wanted to import JWT in the same way, but apparently it isn’t yet supported by the package. I
Continue reading"Uncaught (in promise) SyntaxError: Unexpected token < in JSON at position 0" ERROR — NodeJS, MongoDB, React Application
Issue I’m trying to fetch an array from my user database from my react app. The response I’m getting is an HTML file, but I’m not sure why it’s not working as I have the same code working perfectly for
Continue readingHow to set authorization headers with nodejs and express
Issue I am setting up a site with nodejs, express, mongoose and swig template following this tutorial : Authenticate a Node.js API with JSON Web Tokens In this tutorial the author uses Postman to set the token in the header.
Continue readingNestJS Set AccessToken in an HttpOnly Cookie
Issue I am implementing JWT in NestJS + Angular but I am not sure if I am doing it correctly. Here is my endpoint: @Post(‘sign-up’) async signUp( @Body() data: SignUpModelInterface, @Res({ passthrough: true }) response: Response ): Promise<void> { const
Continue readingError on validating JWT token IDX12741. JWT: must have three segments (JWS) or five segments (JWE)
Issue I’m trying to implement token refresh feature in angular 12 and .net core 5. this is my JWT service registration: startup.cs: services.AddAuthentication(options => { options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme; options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme; options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme; }).AddJwtBearer(options => { options.SaveToken = true;
Continue readingJWT Signing in NodeJS and but unable to verify in Java
Issue I want to pass a JWT token from a NodeJS service to another service in Java. However, based on the what I’ve tried, the token is always invalid whenever I try to verify it on the Java side. I
Continue readingUnauthorized Error when I want to delete article with authentification (jwt)
Issue I’ve created a route called login and another one function(middleware), if the authentication is good, this can be redirected to the delete route but unfortunately, my jwt token is not recognizable. I want to know why, the problem must
Continue readingAngular project Token removal when browser is closed
Issue I have an angular project and I provide token based login in this project. When the user exits using the exit button, I delete the current token from the database, but I cannot delete it when the browser is
Continue readingjwt.verify not throwing error for expired tokens
Issue I’m using JWT – jsonwebtokens in Nodejs. I’m creating a token and want to throw an error if the token expires. My token is created successfully and I’m checking the token expiry in middleware of Apis in Expressjs. Then
Continue readingAlways getting invalid signature in jwt.io
Issue I always get invalid signature when I input the generated token in jwt.io Here is my code for making the token const secret = ‘secret’; const token = jwt.sign({ username: user.username, userID: user._id }, secret, { expiresIn: “1hr” }
Continue readingDo JSON-Web Tokens (JWTs) cover both authentication and authorization?
Issue I am researching on how to create a blog website that allows a user to sign in and based on his/her user role they can edit blogs, delete blogs, etc. but only if they are the user that created
Continue readingHow can I create JWT refresh token on node js?
Issue I am using a simple JWT auth firebase. backend checks if its a valid user and gives back an access token using JWT. Now I want to implement a refresh token. How can I do it? What should be
Continue readinghow to access ["x-access-token"] in vue js front end
Issue hello i’ve an application that uses ["x-access-token"] as token in the header, when i try to access the token in the header i keep gettting "no token provided", i use jwt for authentication error i get in my console
Continue readingUnauthorized Error when I want to delete article with authentification (jwt)
Issue I’ve created a route called login and another one function(middleware), if the authentication is good, this can be redirected to the delete route but unfortunately, my jwt token is not recognizable. I want to know why, the problem must
Continue readingretrieve user's data after signing in using express and JWT
Issue I’m new to node.js and express, I’ve implemented signing in and verification functionality using JWT cookies, how after verifying the user is signed in I can retrieve his username to use in other pages? This is my auth.js file
Continue readingDo JSON-Web Tokens (JWTs) cover both authentication and authorization?
Issue I am researching on how to create a blog website that allows a user to sign in and based on his/her user role they can edit blogs, delete blogs, etc. but only if they are the user that created
Continue readingTypeError: expressJwt is not a function
Issue I’m trying to write middleware for user authorization in my app. I use this function to check if a route requires being sign in. The code is as follows: const { expressJwt } = require(‘express-jwt’); exports.requireSignin = expressJwt({ secret:
Continue readingHow to set authorization headers with nodejs and express
Issue I am setting up a site with nodejs, express, mongoose and swig template following this tutorial : Authenticate a Node.js API with JSON Web Tokens In this tutorial the author uses Postman to set the token in the header.
Continue readingJWT Signing in NodeJS and but unable to verify in Java
Issue I want to pass a JWT token from a NodeJS service to another service in Java. However, based on the what I’ve tried, the token is always invalid whenever I try to verify it on the Java side. I
Continue readingHow can I create JWT refresh token on node js?
Issue I am using a simple JWT auth firebase. backend checks if its a valid user and gives back an access token using JWT. Now I want to implement a refresh token. How can I do it? What should be
Continue readingHttpOnly cookie does not get passed in request
Issue I’m trying to implement markitosgv/JWTRefreshTokenBundle in my symfony project in order to get a way to refresh my JWT token. For this, I want to generate an HttpOnly cookie, which is something supported by the bundle. When I log
Continue readingVerify a JWT token string, containing 'Bearer ' with NodeJS
Issue I send a header in a recommended form Authorization: Bearer <token>. As it looks, token string, which is ‘Bearer <token>’, is not a token, but needs the ‘Bearer ‘ substring to be removed first to get the token string
Continue readingFirebase ID token has invalid signature even on jwt
Issue Firebase ID token has invalid signature Hi all, I’m somehow new to NodeJS and I’ve only used Google Firebase a few times. Now, I’m trying to verify an idToken generated using getIdToken() method whenever a user signs up or
Continue readingWhen you want to change User's data, should you delete the jwt and create a new one for the session?
Issue I am implementing in React and Node, update of user’s data. After making the change in DB, should you delete that token and generate a new one? Updating values in Redux? Solution We generally do not store more than
Continue readingShould I return null when only HTTP status code is important?
Issue I’m programming a reset password system in nodejs + JWT. In some functions I dont’t really need to send nothing as answer to the frontend, just is important the HTTP Status Code.. But i’m not sure if it’s a
Continue readingShould I return null when only HTTP status code is important?
Issue I’m programming a reset password system in nodejs + JWT. In some functions I dont’t really need to send nothing as answer to the frontend, just is important the HTTP Status Code.. But i’m not sure if it’s a
Continue readingHow to generate a refresh token?
Issue I am implementing JWT in one of my node apps. I am wondering, if there is any definite format/ structure in which a refresh token should be generated? By definite format I mean whether a refresh token contain any
Continue readingHow to generate a refresh token?
Issue I am implementing JWT in one of my node apps. I am wondering, if there is any definite format/ structure in which a refresh token should be generated? By definite format I mean whether a refresh token contain any
Continue readingHow worried should I be about opening up a JWT to an XSS vulnerability?
Issue I am building a node.js web application with react for the the GUI and graphQL served with Apollo for the back-end connecting to a RDS (MySQL) instance on AWS. I am authenticating users and then returning JWTs. I have
Continue readingHow worried should I be about opening up a JWT to an XSS vulnerability?
Issue I am building a node.js web application with react for the the GUI and graphQL served with Apollo for the back-end connecting to a RDS (MySQL) instance on AWS. I am authenticating users and then returning JWTs. I have
Continue readingTypeError: User.generateAuthToken is not a function
Issue userSchema.methods.generateAuthToken = async function() { const user = this const token = jwt.sign({_id:user._id.toString()},’thisisnewcourse’) return token} const token = await User.generateAuthToken() When I call the generateAuthToken(), its showing type error. Line 1 is showing error. Solution I think there is
Continue readingTypeError: User.generateAuthToken is not a function
Issue userSchema.methods.generateAuthToken = async function() { const user = this const token = jwt.sign({_id:user._id.toString()},’thisisnewcourse’) return token} const token = await User.generateAuthToken() When I call the generateAuthToken(), its showing type error. Line 1 is showing error. Solution I think there is
Continue readingWhy are cookies not sent to the server via getServerSideProps in Next.js?
Issue Cookies are not sent to the server via getServerSideProps, here is the code in the front-end: export async function getServerSideProps() { const res = await axios.get("http://localhost:5000/api/auth", {withCredentials: true}); const data = await res.data; return { props: { data }
Continue readingWhy are cookies not sent to the server via getServerSideProps in Next.js?
Issue Cookies are not sent to the server via getServerSideProps, here is the code in the front-end: export async function getServerSideProps() { const res = await axios.get("http://localhost:5000/api/auth", {withCredentials: true}); const data = await res.data; return { props: { data }
Continue readingWhen you want to change User's data, should you delete the jwt and create a new one for the session?
Issue I am implementing in React and Node, update of user’s data. After making the change in DB, should you delete that token and generate a new one? Updating values in Redux? Solution We generally do not store more than
Continue readingNodeJs :Error 401(Unauthorized), passport, jwt. MEAN stack, node, express, angular, mongoose
Issue I’m new to Node, so i hope for you help… I’m working at MEAN stack app, and trying to implement auth system by passport-jwt. Registration/login forms and pages are working corectly and i can access token and store it
Continue readingHow to extract token string from Bearer token?
Issue For example I have following Bearer JWT in my header, what’s a elegant way to extract the token itself? Basically anything after Bearer. Since this could be in other formats, I don’t want to assume it always starts with
Continue readingnode.js express only return elements related to the user
Issue I want to only return the trades that belong to the currently logged in user. I store the user inside the header of each request. In each trade I have stored the creator. My GET method looks like this:
Continue readingWhy isn't .env.development working in my Next.js app?
Issue I am writing Jest/testing library tests. Let’s say we have a component called BenchmarksPage. Please look at the first line of its return statement. import { Box, capitalize, Container, FormControl, InputLabel, MenuItem, Select, } from ‘@material-ui/core’; import { NextPage
Continue readingHandle JWT token and cas login state
Issue I’ve some trouble about the logic of handling my SSO login with cas and the jwt state. Before starting: User to auth to my app, need to visit cas including as a parameter in url the name of app
Continue readingCannot verify JWT with RS256 – invalid algorithm
Issue I am trying move my JWT Auth from secret phrase to RS256 here is example code: import fs from ‘fs’ import jwt from ‘jsonwebtoken’ const private_key = fs.readFileSync(‘private.key’) const public_key = fs.readFileSync(‘public.pem’) const token = jwt.sign({ some: ‘payload’ },
Continue readingTried to verify JWT signature by myself in nodejs to understand internal working of JWT, but decrypted signature gives wrong value
Issue To understand how digital signatures and JWT work, I tried to verify a JSON Web Token using RS256 algorithm. However, when I decrypt the signature part of a JWT it gives non-string values, so I cannot compare the value
Continue readingVerifying Auth0 JWT throws invalid algorigthm
Issue I have created an Auth0 client, I am logging in and receive this token: eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6Ik1rVkdOa1l5T1VaQ1JqTkRSVE5EUmtNeU5rVkROMEUyUTBVMFJrVXdPVEZEUkVVNU5UQXpOZyJ9.eyJpc3MiOiJodHRwczovL3RvdGFsY29tbW56LmF1LmF1dGgwLmNvbS8iLCJzdWIiOiJnb29nbGUtb2F1dGgyfDEwMzI5NzA4OTYyMTk5NjUwMjY2MiIsImF1ZCI6ImxTWUtXMUZZdENkMWJLQmdXRWN0MWpCbmtDU3R2dW5SIiwiaWF0IjoxNTA5ODYyMTI1LCJleHAiOjE1MTAyMjIxMjV9.kjmckPxLJ4H9R11XiBBxSNZEvQFVEIgAY_jj2LBy4sEJozBB8ujGE7sq9vEIjMms-Lv2q9WzFQPrqcxyBcYC4Je4QojMgvqLDCodtpot0QUle8QfGmonc1vZYIZyX-wqyOXtRqhoZVEKTeLhm9Le2CV4_a3BwgjkE1LjcDx01GZfsnaId8mh10kGk-DBmr5aVc8MxglLCq5Uk8Zbl2vDc__UMDgx1eQPQg-zve4fUf8zHcxizypYTnF_v0dEAT00L2j5J41SFYdWvP6ReQ3vhVYew2o9iM6u1s75HE-xW8s4pzV4BZAQtgfgIeCd6aVGZs76bcnQXBLej1B7zaPBvA What I am trying to do now is to verify the token using jsonwebtoken. The token is signed with an RS256 algorithm. I downloaded
Continue readinghow do we pass the user id into a route in app.js?
Issue my teammate and I are stuck on solving a critical problem, which is how do we pass the user_id from one component to another in app.js . For example, we are able to register, login, and logout perfectly; but
Continue readingTypescript error with accessing jwt-decode object
Issue I have installed @types/jwt-decode and I’m having trouble getting this to work. import jwtDecode from ‘jwt-decode’ … let decodedToken = jwtDecode(token); console.log(decodedToken) // this works! I can see the full object console.log(decodedToken.exp) // error Object is of type ‘unknown’.ts(2571)
Continue readingKeycloak sessions – when I disconnect them from the admin page, they still work
Issue I have a Keycloak realm with some users as an IdP for a nodejs + typescript project. I currently have those two sessions, as it shows: if I press on Logout all, they disappear from here but they still
Continue readingWhy do we need JWT tokens for security despite still able to change own`s
Issue I’ve been searching how to make a public http request secure and all the answers are to use a token like JWT. But from what I understand, the reason for using this token. Isn’t this to prevent someone from
Continue readingAzure "JsonWebTokenError: invalid algorithm"
Issue Azure Static Web App (SWA) with integrated API. One of the step at backend API is to validate the Bearer Token with public key submitted in request headers: const jwt = require("jsonwebtoken"); // v 8.5.1 async function getMSPublicKey(misc) //
Continue readingCan data be retrieved from the Google Fitness REST API using a JWT token to authenticate?
Issue Apologies for my previous badly formulated question. I am trying to write a standalone NodeJS app, that retrieves activity data from the Google Fit REST API and writes it locally as a json file. The app will run unattended
Continue readingSuitable version for coreJS in Angular 8.2.14
Issue Proving a HTTP Request on browser in AngularJS 8.2.14, it appears an Error in coreJS, among with zone-evergreen.js core.js:6014 ERROR HttpErrorResponse {headers: HttpHeaders, status: 200, statusText: "OK", url: "http://localhost:9898/api/v1/usermanage/users", ok: false, …}error: {error: SyntaxError: Unexpected end of JSON input at JSON.parse
Continue readingAuthentication with JWT Laravel 5 without password
Issue I’m trying to learn Laravel and my goal is to be able to build a RESTful API (no use of views or blade, only JSON results. Later, an AngularJS web app and a Cordova hybrid mobile app will consume
Continue readingAngular 5 HttpClient Interceptor JWT refresh token unable to Catch 401 and Retry my request
Issue I am trying to implement a catch for 401 responses and tried obtaining a refresh token based on Angular 4 Interceptor retry requests after token refresh. I was trying to implement the same thing, but I never was able
Continue readingAngular 5 HttpInterceptor and sending Authorization Token in header
Issue My flow is login page -> home page. Login page has no token, after logging in, server provides token and user is redirected to home page. Home page sends the token to server, token is verified, server sends back
Continue readingCanActivate returned true but still got 401 Unauthorize error in component
Issue I am true that CanActivate returned true but in my component when I call the database still get 401 error. @Injectable() export class AuthGuard implements CanActivate { constructor(private route: ActivateRouteSnapshot, private tokenService: TokenService) {} public canActivate = ( route:
Continue readingHow do I properly mock a class public function in jest?
Issue I have the following jest test it("should return props on stage.e.com", async () => { ((savedStoriesService as unknown) as jest.Mock).mockReturnValue({ getStoriesFromList: jest.fn().mockResolvedValue([]), }); const jwt = mockJwt({ custom_attributes: { CustomerType: "Subscribed" }, }); const result = await getServerSideProps(({ req:
Continue readingHow to set HTTP only cookie in NestJS
Issue I am trying to implement JWT authorization with accessToken and refreshToken. Both the accessToken and refresh token need to be set in HTTP only cookie. I tried this code but it is not setting cookies. I am using NestJS
Continue readingRedirecting in case of a 401 on JWT refreshing
Issue I’m currently developing an Angular 9 application with JWT authentication on the backend. I’ve followed a tutorial that has guided me through making an HTTPInterceptor to refresh my JWT if it is expired, using the refresh token. My tokens
Continue readingHow to store a JWT token inside an HTTP only cookie?
Issue I have created an app that simply uses a JWT sent by the server upon correct login credentials, and authorizes against any /api route on my backend Express.js server. AngularJS, on the other hand, took this token, stored it
Continue readingNodeJs – Retrieve user information from JWT token?
Issue Node and Angular. I have a MEAN stack authentication application where I am setting a JWT token on successful login as follows, and storing it in a session in the controller. Assigning the JWT token to config.headers through service
Continue readingWhat is the JavaScript/node.js function HMACSHA256()?
Issue I am trying to find information about this JavaScript/node.js function: HMACSHA256() Its mentioned e.g. here: https://jwt.io/introduction (scroll to section "Signature") https://hirosht.medium.com/customized-jwt-encoded-with-hmac-sha256-hs256-267574bd7639 (scroll to section "Signature;") It’s mentioned in other places too. Neither node.js nor any browser JavaScript provides any
Continue readingnext-auth JWEDecryptionFailed
Issue I am using this code to be able to use the credentials next-auth provider along with cognito as oauth serviice: this to allow email and password auth. I am running next-auth@4.2.1: import CognitoProvider from "next-auth/providers/cognito"; import NextAuth from ‘next-auth’
Continue readingWhy and how to put secrets in environment variables in Node.js?
Issue I’m relatively new to Node.js and Express and I was following a guide on adding authentication using JWT to my site found here: Medium. I’m confused by one point of this guide, about using secrets, that says: This secret
Continue readingHow to fix JsonWebTokenError in node.js using express and reactjs?
Issue I am trying to show the page only if the Jsonwebtoken is verified and the user is logged on to the website, else show him the sign-in page. However, I can see the token is generated in MongoDB, and
Continue readingIs it safe to store a JWT in localStorage with ReactJS?
Issue I’m currently building a single page application using ReactJS. I read that one of the reasons for not using localStorage is because of XSS vulnerabilities. Since React escapes all user input, would it now be safe to use localStorage?
Continue readingDecode firebase/php-jwt in Angular 6
Issue I am using firebase/php-jwt in my Backend Api (Using Lumen) to serve Authentication Token. and I am using Angular 6 in Frontend. This is my result from backend after logged in : – { “message”: “Successfully Authenticated !”, “status”:
Continue readingModule not found: Error: Can't resolve 'crypto' in '/opt/lampp/htdocs/angular-testing-app/node_modules/jwa'
Issue I will install jsonwebtoken module in my angular6 project npm i jsonwebtoken. The jsonwebtoken module Dependencies jwa installed, But that index.js file crypto require error Can’t resolve ‘crypto’, But i already install crypto module. Please help and clear the
Continue readingCannot get cookies in Java Spring Boot / Angular application
Issue I am working on a Angular11 frontend app coupled with a Java Spring boot backend. Context I am trying to create an authentication with cookies with JWT. To do so I am inspired by JWT refresh token flow Access
Continue readingThe type "Observable<unknown>" cannot be assigned to the type "Observable<{token:string; }>". tap Error
Issue I’m trying to add a token via the .pipe method import { Injectable } from ‘@angular/core’; import { Observable } from ‘rxjs’; import { tap } from ‘rxjs/operators’; import { HttpClient } from ‘@angular/common/http’; import { User } from
Continue readingVerify JWT Token in angular
Issue My application backend runs on Django Rest Framework and and frontend on Angular. I’m already using JWT for authentication and that works fine. My requirement is to call a specific API (Not authentication related), which gets me some details
Continue reading