unauthorized when posting users/profile about meanauthapp HOT 11 OPEN

I had the same issue, I replaced ExtractJwt.fromAuthHeader with ExtractJwt.fromAuthHeaderWithScheme("jwt") in passport.js.

from meanauthapp.

I had the same problem.
First I changed opts.jwtFromRequest = ExtractJwt.fromAuthHeader() to ExtractJwt.fromAuthHeaderWithScheme('jwt') in the passport.js file.

Important Note: If you had problems with ExtractJwt.fromAuthHeader() and changed it to
ExtractJwt.fromAuthHeaderAsBearerToken() this was a wrong solution. I know, been there.

The change I mentioned above makes way for another error on the next line since it cannot find any _id in jwt_payload. You need to change the line User.getUserById(jwt_payload._doc._id to User.getUserByUsername(jwt_payload.username and voila! You're in without any issues.

from meanauthapp.

Hey,
i had the same problem. My solution in the passport.js is to change
//opts.jwtFromRequest = ExtractJwt.fromAuthHeaderAsBearerToken();
opts.jwtFromRequest = ExtractJwt.fromAuthHeaderWithScheme('jwt');

after taking a look to console.log(jwt_payload); I got this output:
{ data: { _id: '59eb44af9c219b2d89f2da83', name: 'testi tester', email: '[email protected]', username: 'test', password: '$2a$10$eBLcxGItjHaVCDSgeFOoBOxxD72qo9ZQyfWk4tSvK3sgoVB5RmD/y', __v: 0 }, iat: 1508591069, exp: 1509195869 }
Then I changed

_//User.getUserByUsername(jwt_payload.username, (err, user) => {
  User.getUserById(jwt_payload.data._id, (err, user) => {_

I hope this will help you. Is it better to check by id or by username? I think there no check if an username exists by registration. But this is maybe an other issue.

Greets

from meanauthapp.

I'm having some trouble with this part as well.

I tried changing to User.getUserByUsername(jwt_payload.username, but getting Unauthorized with Postman.

On the other hand, if I use User.getUserByUsername(jwt_payload.username, I get this response from Postman:

TypeError: Cannot read property '_id' of undefined at JwtStrategy.passport.use.JwtStrategy [as _verify] (D:\directory\config\passport.js:11:39) at D:\directory\node_modules\passport-jwt\lib\strategy.js:123:34 at D:\directory\node_modules\passport-jwt\node_modules\jsonwebtoken\verify.js:27:18 at _combinedTickCallback (internal/process/next_tick.js:131:7) at process._tickCallback (internal/process/next_tick.js:180:9)

Here is all the code of my passport.js file:

const JwtStrategy = require('passport-jwt').Strategy;
const ExtractJwt = require('passport-jwt').ExtractJwt;
const User = require('../models/user');
const config = require('../config/database');

module.exports = function(passport){
let opts = {};
opts.jwtFromRequest = ExtractJwt.fromAuthHeaderWithScheme("jwt");
opts.secretOrKey = config.secret;
passport.use(new JwtStrategy(opts, (jwt_payload, done) => {
User.getUserById(jwt_payload.data._id, (err, user) => {
if(err){
return done(err, false);
}

  if(user){
    return done(null, user);
  } else {
    return done(null, false);
  }
});

}));
}

from meanauthapp.

The code you posted is the same as what is in the repository. So if you changed it from ID to USERNAME somewhere else in the app then ofcourse you will get an error.

from meanauthapp.

from meanauthapp.

I'm using User.getUserById(jwt_payload.data._id and opts.jwtFromRequest = ExtractJwt.fromAuthHeaderWithScheme('jwt');. Copied most of the code from the repository, but getting this error in Postman:

ReferenceError: user is not defined at router.get (D:\Sync\Business\Projects\Secured.fyi\Website\v5\routes\users.js:64:23) at Layer.handle [as handle_request] (D:\Sync\Business\Projects\Secured.fyi\Website\v5\node_modules\express\lib\router\layer.js:95:5) at next (D:\Sync\Business\Projects\Secured.fyi\Website\v5\node_modules\express\lib\router\route.js:137:13) at complete (D:\Sync\Business\Projects\Secured.fyi\Website\v5\node_modules\passport\lib\middleware\authenticate.js:263:13) at D:\Sync\Business\Projects\Secured.fyi\Website\v5\node_modules\passport\lib\middleware\authenticate.js:270:15 at pass (D:\Sync\Business\Projects\Secured.fyi\Website\v5\node_modules\passport\lib\authenticator.js:431:14) at Authenticator.transformAuthInfo (D:\Sync\Business\Projects\Secured.fyi\Website\v5\node_modules\passport\lib\authenticator.js:453:5) at D:\Sync\Business\Projects\Secured.fyi\Website\v5\node_modules\passport\lib\middleware\authenticate.js:267:22 at IncomingMessage.req.login.req.logIn (D:\Sync\Business\Projects\Secured.fyi\Website\v5\node_modules\passport\lib\http\request.js:55:13) at JwtStrategy.strategy.success (D:\Sync\Business\Projects\Secured.fyi\Website\v5\node_modules\passport\lib\middleware\authenticate.js:248:13) at verified (D:\Sync\Business\Projects\Secured.fyi\Website\v5\node_modules\passport-jwt\lib\strategy.js:115:41) at User.getUserById (D:\Sync\Business\Projects\Secured.fyi\Website\v5\config\passport.js:17:16) at model.Query.<anonymous> (D:\Sync\Business\Projects\Secured.fyi\Website\v5\node_modules\mongoose\lib\model.js:4056:16) at D:\Sync\Business\Projects\Secured.fyi\Website\v5\node_modules\kareem\index.js:273:21 at D:\Sync\Business\Projects\Secured.fyi\Website\v5\node_modules\kareem\index.js:131:16 at _combinedTickCallback (internal/process/next_tick.js:131:7)

from meanauthapp.

It worked after I had copy-pasted the code for users.js from the repository. Must have been a symbol or character that was wrong, which I couldn't find.

from meanauthapp.

from meanauthapp.

@tomcatbuzz Can you please share the whole project

from meanauthapp.

I don't understand your question. This is the Github Repo for the Original MeanAuthApp. That is the whole project. Follow the first page of the Readme file. Says clone or download the files, open in a terminal and run npm install.

from meanauthapp.