
JWT issued before application image rebuild does not work after image build/deploy

My app uses a SPA client and Phoenix/Elixir backend, with JWT authentication (via the Guardian library). The app is deployed using Docker on GCP.

I'm having the below issue:

  1. I'm an authenticated user that has been issued a JWT. Everything works fine.

  2. The production application's Docker image is rebuilt, redeployed, and the server is restarted.

  3. My JWT issued before the rebuild is no longer valid.

I'm having trouble finding what would be causing this. Looks like the secret key used in config.exs Guardian config will always be the same across builds.

Any help is appreciated!

Either the contents of the payload are being used to validate the message, and some field has changed in a way that the JWT is considered invalid by the server, or the secret actually has changed and your assertion is not correct.

The way I would problem solve this is by using a pre-developed tool to verify the JWT. Either your secret key can be used to validate the signature or it can't. No need to "guess".
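
One way to run the check suggested in the answer above, as an added example that is not part of the original thread: an offline verifier that separates a signature failure (the secret differs) from a claim failure (a payload field no longer matches). It assumes an HMAC-signed token (HS256/HS384/HS512) and that the secret is supplied as the same raw bytes the server uses; `sign`, `diagnose`, and all sample values are constructed for illustration.

```python
import base64, hashlib, hmac, json, time

HASHES = {"HS256": hashlib.sha256, "HS384": hashlib.sha384, "HS512": hashlib.sha512}

def b64url_decode(part):
    # JWT segments are base64url without padding; restore it before decoding.
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))

def b64url_encode(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def sign(claims, secret, alg="HS512"):
    """Build a constructed sample token standing in for one issued before the deploy."""
    head = b64url_encode(json.dumps({"alg": alg, "typ": "JWT"}).encode())
    body = b64url_encode(json.dumps(claims).encode())
    mac = hmac.new(secret, f"{head}.{body}".encode(), HASHES[alg]).digest()
    return f"{head}.{body}.{b64url_encode(mac)}"

def diagnose(token, secret, issuer=None, now=None):
    """Return malformed, unsupported_alg, bad_signature, expired, issuer_mismatch or ok."""
    try:
        head, body, sig = token.split(".")
        header = json.loads(b64url_decode(head))
        claims = json.loads(b64url_decode(body))
        given = b64url_decode(sig)
    except ValueError:  # wrong segment count, bad base64, bad UTF-8 or bad JSON
        return "malformed"
    if not isinstance(header, dict) or not isinstance(claims, dict):
        return "malformed"
    alg = header.get("alg")
    digest = HASHES.get(alg) if isinstance(alg, str) else None
    if digest is None:  # also rejects "none" and asymmetric algorithms
        return "unsupported_alg"
    expected = hmac.new(secret, f"{head}.{body}".encode(), digest).digest()
    if not hmac.compare_digest(expected, given):
        return "bad_signature"  # the secret in the running image is not the signing secret
    # Signature is good: any remaining rejection comes from the claims.
    now = time.time() if now is None else now
    if "exp" in claims and now >= claims["exp"]:
        return "expired"
    if issuer is not None and claims.get("iss") != issuer:
        return "issuer_mismatch"
    return "ok"

if __name__ == "__main__":
    old = sign({"sub": "User:1", "iss": "my_app", "exp": 2000}, b"secret-in-old-image")
    print(diagnose(old, b"secret-in-old-image", issuer="my_app", now=1000))
    print(diagnose(old, b"secret-in-new-image", issuer="my_app", now=1000))
```

Running `diagnose` on a real pre-deploy token with the secret read from the running container shows which of the two explanations applies.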
