Itay Ben Shmuel
Reputation: 674
jwt.verify returns res also when token expired
I'm using JWT- 'jsonwebtoken' repository.
I want to create a token and to check when it expires, If it expired, it should return me an error. For some reason, I got the decoded (res).
To create the token I'm using:
const jwt = require('jsonwebtoken');
const SECRET_KEY = 'It@y W@$ H3r3';
const options = {
expiresIn: '5s',
};
const callback = (err, token) => {
console.log('Token:', token);
setTimeout(() => {
jwt.verify(token, SECRET_KEY, (err, res) => {
console.log('res', res);
console.log('err', err);
});
}, 10000);
};
jwt.sign(options, SECRET_KEY, callback);
For some reason I got the decoded:
{ expiresIn: '5s', iat: 1543574822 }
I should get an error like this instead:
err = {
name: 'NotBeforeError',
message: 'jwt not active',
date: 2018-10-04T16:10:44.000Z
}
Hope someone solved this problem and can assist here... Ty, Itay.
Upvotes: 1
Views: 415
Answers (1)
Itay Ben Shmuel
Reputation: 674
jwt.sign(payload, secretOrPrivateKey, [options, callback])
If you want to pass the expiresIn on the payload you should use exp not expiresIn:
jwt.sign({
exp: Math.floor(Date.now() / 1000) + (60 * 60),
data: 'foobar'
}, 'secret');
If you want to use expiresIn you must pass it on the options:
const SECRET_KEY = 'It@y W@$ H3r3';
const options = {
expiresIn: 5,
};
jwt.sign({}, SECRET_KEY, options, callback);
Got the answer from a friend named Yury. Thanks.
Upvotes: 1
Related Questions
- Check if token expired using this JWT library
- Node.js - Express.js JWT, how to check token expired or not?
- comparing JWT expired time to now, always false, node Angular 4 app
- How to deal with a TokenExpiredError: jwt expired?
- jwt.verify not throwing error for expired tokens
- JWT expired, unexpected response in nodejs API
- JWT token is always invalid when verified
- PassportJS Validates Expired JWT
- how to verify jwt token in nodejs / never expire?
- jwt.verify() returns jwt expired when the expiration is 24h