stackoom
  简体   繁体   中英

How can i expire a jwt in node js?

 原文  2014-11-02 14:34:29       node.js/ authentication/ token/ access-token/ jwt

Question

I'm using the jsonwebtoken module in npm and I'm trying to expire the token but it seems that it doesn't expire. Here's my code: 

app.post('/token', function(req, res) {
  name = 'Name'
  var token = jwt2.sign(name, secret, { expiresInMinutes: 5 });
  res.end(token);
});

I use this token later here: 

app.post('/feed', function(req, res) { 
  console.log('hiiiiii');
  token = req.body.token;

  console.log('access-token :' + token);
  jwt2.verify(token, 'secret', function(err, decoded) {
    if (err) {
      err = {
        name: 'TokenExpiredError',
        message: 'jwt expired',
        expiredAt: 1408621000
      }
      console.log(err.name);
    } else {
      console.log('decoded token:' + decoded);
      res.end(decoded);
    }
  });
});

1 answers

solution1
 0  2014-11-02 14:55:35

Here's a minimal test case to show an example of it working as intended: 

'use strict';
var jwt = require('jsonwebtoken');

var token = jwt.sign({ foo: 'bar' }, 'shhhhh', { expiresInMinutes: 1});

console.log(token);

setTimeout(function() {
    jwt.verify(token, 'shhhhh', function(err, decoded) {
        if(err) {
            console.error('err: ', err);
        } else {
            console.log('decoded: ', decoded);
        }
    });
}, 1000 * 62);

When running this test case I get the following output: 

eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJmb28iOiJiYXIiLCJpYXQiOjE0MTQ5Mzk5MTYsImV4cCI6MTQxNDkzOTk3Nn0.O5zrNrkrhPk_2RekdRwm-nTbHvDIWhsjf_uSWLPfdJQ
  err:  { [TokenExpiredError: jwt expired]
  name: 'TokenExpiredError',
  message: 'jwt expired',
  expiredAt: Sun Nov 02 2014 09:52:56 GMT-0500 (EST) }

You're signing the token with a variable secret while verifying it with the string 'secret'. Could this be the issue?

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question JWT doesn't expire (Node.js) How can I create JWT refresh token on node js? How can I decode a token in Node.js? jwt.verify() fails How can I implement http-only cookie-JWT authentication using React and Node JS? How do I set role in Node JS JWT Authentication? How to expire a JWT token manually? How can i expire my JWT token, when user is idle for sometime(Token based authorization) in nodeJS/Express and Angular force expire jwt token in adonis js How can I use Basic authentication or JWT to the same route in Node? How can I have jwt token from server(Node.js) without making ajax call from client (Vue)
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM