I have already checked multiple answers here on Stack Overflow and gone through the documentation, but I still cannot find out what the problem is. In my application I'm using SequelizeJS to access my MySQL database, and now I'm trying to secure my REST API endpoints with PassportJS using the JWT strategy.
./app.js
// ...
// passport: mount the initialize middleware first, then let ./config/passport
// register its strategy on the same passport instance.
app.use(passport.initialize());
var configurePassport = require('./config/passport');
configurePassport(passport);
// ...
./config/passport.js
var passport = require('passport');
var passportJwt = require('passport-jwt');
var models = require('../models');
var config = require('./config');
var ExtractJwt = passportJwt.ExtractJwt;
var Strategy = passportJwt.Strategy;
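/**
 * Registers the JWT strategy on the given Passport instance.
 *
 * The token is taken from the Authorization header and verified with
 * config.jwt.secret. The user whose id equals the payload's `id` claim is
 * handed to Passport; any other outcome is reported as "not authenticated".
 *
 * @param {object} passport - Passport instance the strategy is registered on.
 */
module.exports = function(passport) {
  var params = {
    secretOrKey: config.jwt.secret,
    // Reads "Authorization: JWT <token>". Newer passport-jwt releases replace
    // this helper with ExtractJwt.fromAuthHeaderWithScheme('jwt').
    jwtFromRequest: ExtractJwt.fromAuthHeader()
    // NOTE(review): no `algorithms` list is given, so the verifier's defaults
    // apply. Pinning the one algorithm the token-issuing route signs with is
    // tighter; confirm which algorithm that is before adding it.
    // NOTE(review): nothing here requires an `exp` claim. A token issued
    // without one stays valid until the secret changes; confirm that the
    // issuing route sets an expiry.
  };

  passport.use(new Strategy(params, function(jwt_payload, done) {
    // Fail closed on a payload without a usable id claim, so that undefined
    // or an object never reaches the query's where clause.
    var userId = jwt_payload ? jwt_payload.id : undefined;
    var isUsableId = typeof userId === 'number' ||
      (typeof userId === 'string' && userId !== '');
    if (!isUsableId) {
      return done(null, false);
    }

    models.User.findOne({
      where: {
        id: userId
      }
    }).then(
      function(user) {
        // A valid signature is not enough: the account must still exist.
        if (user) {
          done(null, user);
        } else {
          done(null, false);
        }
      },
      function(err) {
        // A lookup failure is reported as an error, not as a failed login.
        return done(err, false);
      }
    );
  }));
};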
I'm trying to get the user entity from the request of this simple route:
var router = express.Router();
// ...
// NOTE(review): router.route() takes only a path. The passport.authenticate()
// middleware passed as a second argument is never registered, so this handler
// runs without authentication and req.user is never populated.
router.route('/user/me', passport.authenticate('jwt', { session: false }))
.get(function(req, res) {
// NOTE(review): this logs and returns the whole user record. Presumably that
// includes credential columns such as a password hash; confirm against the
// model and return only the fields the client needs.
console.log(req.user);
res.json(req.user);
});
I already created another route which returns a JWT token based on the provided username and password. When I call the /user/me
endpoint I attach the JWT token into the header, for example:
Authorization: JWT eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpZCI6MX0.M9z3iWNdjAu4THyCYp3Oi3GOWfRJNCYNUcXOw1Gd1Mo
So, my problem is that when I call the /user/me
endpoint with a token, req.user
is undefined, and I cannot figure out why.
Thank you in advance for your help!
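Your route definition seems to be wrong: router.route
accepts only a path and does not take a middleware as its second argument, so authentication does not happen at all. The handler therefore runs for every request, with or without a token, and req.user is never set.
It should be something like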
var router = express.Router();
// ...
// JWT check without a session; attached with .all() below so it runs before
// every method handler registered on this path.
var requireJwt = passport.authenticate('jwt', { session: false });

/**
 * Responds with the user that the JWT strategy attached to the request.
 *
 * NOTE(review): this logs and returns the whole user record. Presumably that
 * includes credential columns such as a password hash; confirm against the
 * model and return only the fields the client needs.
 */
function sendCurrentUser(req, res) {
  console.log(req.user);
  res.json(req.user);
}

router.route('/user/me')
  .all(requireJwt)
  .get(sendCurrentUser);