Golinmarq

Reputation: 1006

AdonisJS doesn't refresh token because Invalid Token

I'm trying to get a new access token by sending a POST request to the server. I'm using Postman to send the refresh token, and the function that handles this is below this paragraph. The server response is E_INVALID_JWT_REFRESH_TOKEN

async refresh({ request, response, auth }) {
  try {
    const refresh_token = request.input('refresh_token')
    const decrypted = Encryption.decrypt(refresh_token)
    console.log(decrypted)
    const token = await auth.generateForRefreshToken(refresh_token, true)
    console.log('Token is', token)
    return response.status(200).json(token)
  } catch (error) {
    return response.status(401).json(error)
  }
}

As you can see, I decrypted the token and it's OK. I also checked the database and it is OK.

Apparently I'm not the only one who has this error, and an issue is closed on GitHub.

UPDATE:

This is my config/auth.js

jwt: {
  serializer: 'LucidMongo',
  model: 'App/Models/User',
  scheme: 'jwt',
  uid: 'email',
  password: 'password',
  options: {
    secret: Env.get('APP_KEY'),
    expiresIn: '60m',
  }
},

Upvotes: 1

Views: 1281

Answers (2)

crbast

Reputation: 2302

The + character is problematic. Errors with this character are common in query strings.

If you log the result of refresh_token you might notice that the + character is replaced by a space.

Solutions

1. You can use libraries to convert the request to a query string

Example with query-string:

const queryString = require('query-string'); // CommonJS import; query-string v8+ is ESM-only
var query = queryString.stringify({
  refresh_token:
    "74f7c7e26621d231feb39c4a9c6a76bajOKUVX+J3LG/f4hJQzy3+hgL+p2w0VkRRw6xT/NnVxUofjh/zRVJJyuwGEfoCL+l"
});

Output (query):

refresh_token=74f7c7e26621d231feb39c4a9c6a76bajOKUVX%2BJ3LG%2Ff4hJQzy3%2BhgL%2Bp2w0VkRRw6xT%2FNnVxUofjh%2FzRVJJyuwGEfoCL%2Bl

2. You can use the request body

https://en.wikipedia.org/wiki/HTTP_message_body

With this method, there is no need to convert the text.

The best solution will depend on your needs.


Interesting links

How to include special characters in query strings

Plus sign in query string

HTTP GET with request body

Upvotes: 1
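The failure described in the answer above, reproduced as an added example that is not part of the original answer: the same token is sent three ways and parsed the way a server parses urlencoded data. The helper names and the `looksMangled` guard are hypothetical, and the guard assumes tokens contain only hex and base64 characters, as the sample token does.

```javascript
// Sample refresh token as quoted in the answer above.
const TOKEN =
  '74f7c7e26621d231feb39c4a9c6a76bajOKUVX+J3LG/f4hJQzy3+hgL+p2w0VkRRw6xT/NnVxUofjh/zRVJJyuwGEfoCL+l';

// Three ways a client can put the token on the wire.
const sendUnencoded = (t) => 'refresh_token=' + t;                    // the failing case
const sendEncoded = (t) => 'refresh_token=' + encodeURIComponent(t);  // '+' -> %2B, '/' -> %2F
const sendJson = (t) => JSON.stringify({ refresh_token: t });         // JSON request body

// What the server recovers. Query strings and urlencoded form bodies follow
// application/x-www-form-urlencoded rules, where '+' decodes to a space.
const parseUrlEncoded = (raw) => new URLSearchParams(raw).get('refresh_token');
const parseJson = (raw) => JSON.parse(raw).refresh_token;

// Hypothetical server-side guard (assumption: tokens use only hex/base64
// characters, as the sample does, so whitespace can only come from transport).
function looksMangled(token) {
  return typeof token !== 'string' || token.length === 0 || /\s/.test(token);
}

// Round-trip the token through each transport and report what arrived.
function demo() {
  const rows = [
    ['unencoded query', parseUrlEncoded(sendUnencoded(TOKEN))],
    ['percent-encoded query', parseUrlEncoded(sendEncoded(TOKEN))],
    ['JSON body', parseJson(sendJson(TOKEN))],
  ];
  return rows.map(([transport, received]) => ({
    transport,
    intact: received === TOKEN,
    mangled: looksMangled(received),
  }));
}

console.table(demo());
```

A guard like this lets a handler reject a transport-damaged token with a clear client error before it reaches decryption or the token lookup.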

OO7

Reputation: 690

That depends on the consensus on character encoding between the client and server you are using.

eg:

Client:

encrypted = toUTF8(Encryption.encrypt(token));

Server:

decrypted = Encryption.decrypt(fromUTF8(refresh_token))

Upvotes: 0
