Reputation: 687
Express JS and JWT - Token Type not shown in decoded header
I just added token based authentication to my express JS application - Looks like the token type doesn't show in the decoded section.
I'm testing using https://jwt.io/
Token I used to test -
eyJhbGciOiJIUzI1NiJ9.eyJfaWQiOiJSYW4zIiwibmFtZSI6IlJhbjMgVGVzdCJ9.YPJXc4tp8NaWcboE9obwGvm-AGa6fkN1IA6y0pT7u-w"
The header section just shows up
{
"alg": "HS256"
}
I expect it to show up like this -
{
"alg": "HS256",
"typ": "JWT"
}
Please explain why the Token type is missing from the header?
I generate the token like this -
var token = jwt.sign(JSON.stringify(user_dict), app.get('superSecret'));
Thanks
Upvotes: 0
Views: 775
Answers (1)
Reputation: 1102
The "type" is an optional setting on the header per the spec which is not typically utilized so most examples don't share how to do it. Assuming you are using this library (https://github.com/auth0/node-jsonwebtoken) you will be able to pass in options to the "header" via options.header value which should allow you to specify the field "typ":"JWT" via
var options = { "header": { "typ": "JWT" } };
var token = jwt.sign(JSON.stringify(user_dict), app.get('superSecret'), options);
Upvotes: 2
Related Questions
- req.headers['authorization'] is undefined in Nodejs JWT(JSON WEB TOKEN)
- How to get request headers in express?
- JWT token not set in the response header
- Node JS : Can't access to req.headers.authorization to extract JWT token
- JWT-Node authentication - req.headers[''authorization"] is Undefined
- get authorization header token with node js
- jsonwebtoken not in headers
- Decoding the token doesn't give user profile
- Pass JWT in Header
- Using express-jwt, why is my authorization header missing when it's clearly there