Reputation: 1330
How to catch the whether the token is expired or not in machinepack-jwt
I use machinepack-jwt for my login and register in my project. It successfully create the token and everything goes well accept for the expiration part. I don't know how to catch if the token is expired or not. Though I put the expiration time, it is not expiring on that time. Below is my backend code for login,
var JWT = require('machinepack-jwt'),
Passwords = require('machinepack-passwords'),
GoogleAPIsOAuth2v2 = require('machinepack-googleapisoauth2v2'),
Facebook = require('machinepack-facebook'),
request = require('request');
module.exports = {
authenticate : function(req, res) {
console.log("login");
User.findOne({
email: req.body.email
}, function foundUser(err, user) {
if (err) return res.negotiate(err);
if (!user) return res.notFound();
Passwords.checkPassword({
passwordAttempt: req.body.password,
encryptedPassword: user.password
}).exec({
error: function (err){
console.log(err);
return res.negotiate(err);
},
incorrect: function (){
return res.notFound();
},
success: function (){
JWT.encode({
secret: '17ca644f4f3be572ec33711a40a5b8b4',
payload: {
id : user.id,
email: user.email
},
algorithm: 'HS256',
expires: 1
}).exec({
error: function (err){
return err;
},
success: function (result){
JWT.decode({
secret: '17ca644f4f3be572ec33711a40a5b8b4',
token : result,
payload: {
id : user.id,
email: user.email
},
algorithm: 'HS256',
expires: 1
}).exec({
error: function (err) {
res.send(err);
},
success: function(decodedToken){
console.log(decodedToken);
console.log(result);
res.send({decodedToken,token : result, expires_in:1});
}
})
}
});
}
});
});
}
}
Below is the frontend code,
angular.module('app')
.factory('Auth', function($http, LocalService, AccessLevels ,$auth) {
return {
authorize: function(access) {
if (access === AccessLevels.user) {
return this.isAuthenticated();
} else {
return true;
}
},
isAuthenticated: function() {
return $auth.isAuthenticated();
},
login: function(credentials) {
var login = $http.post('/auth/authenticate', credentials);
login.success(function(result) {
console.log(result);
LocalService.set('satellizer_token', result.token );
LocalService.set('user', result.user);
});
return login;
},
logout: function() {
LocalService.unset('satellizer_token');
}
}
})
I want to catch if the token is expired and if expired want to redirect to the login page. How to catch if the token is expired or not?
Upvotes: 0
Views: 1936
Answers (2)
Reputation: 784
I am putting restful service side validation here.
@JsonIgnoreProperties(ignoreUnknown=true) interface Jwt {
Instant getExp();
String getAud();
String getIss();
}
Decode like this
Jwt jwt = null;
try {
jwt = objectReader.readValue(payload);
} catch (IOException e) {
throw new AuthenticationException(e);
}
// assert not expired
if (jwt.getExp().isBefore(Instant.now())) {
throw new AuthenticationException("auth token expired");
}
Upvotes: 0
Reputation: 39261
You only need to check the 'exp' field (expiration time) of the decoded token with the current date
function isExpired(exp){
if (exp){
return exp <= Date.now()/1000;
} else {
return true; //True if the token has not the expiration time field
}
}
Note that in your example you are creating the token with a bad value. It must be the number of seconds from 1970-01-01T00:00:00Z UT. See the RFC For example an expiration time of 1 minute should be
exp = Date.now()/1000 + 60
Upvotes: 1
Related Questions
- Check if token expired using this JWT library
- Node.js - Express.js JWT, how to check token expired or not?
- How to check if JWT token is expired in Angular 8
- comparing JWT expired time to now, always false, node Angular 4 app
- How to Check JWT token expiration before calling Api from Angular to .NET-core
- Check token expiration without requesting API
- How to detect jwt token expire on React
- How to check correctly if the access token is expired from the front end even if the client pc time is wrong?
- how to refresh token when expired in jwt
- angular2-jwt check if token is expired in component?