Reputation: 67
I am using JWT authentication in my demo app: https://musflix.netlify.app
My demo application's GitHub URL: https://github.com/danimadmolil/musify
I use my forked version of json-server-auth: https://github.com/danimadmolil/json-server-auth
I made a change to the original json-server-auth to support JWT auth through cookies.
The login function is like so:
// Handler from the json-server-auth fork. It relies on `bcrypt` (bcrypt or bcryptjs)
// and `jwt` (jsonwebtoken) being imported, and on the JWT_SECRET_KEY / JWT_EXPIRES_IN
// constants being defined in the same module.
(req, res, next) => {
  const { email, password } = req.body as User
  const { db } = req.app
  if (db == null) {
    throw Error('You must bind the router db to the app')
  }
  const user = db.get('users').find({ email }).value() as User
  if (!user) {
    // Note: a distinct message here vs. 'Incorrect password' below tells a caller
    // whether an email is registered.
    res.status(400).jsonp('Cannot find user')
    return
  }
  bcrypt
    .compare(password, user.password)
    .then((same) => {
      if (!same) throw 400
      // Issue an HS256 access token: `sub` carries the user id, `exp` is derived
      // from JWT_EXPIRES_IN.
      return new Promise<string>((resolve, reject) => {
        jwt.sign(
          { email },
          JWT_SECRET_KEY,
          { expiresIn: JWT_EXPIRES_IN, subject: String(user.id) },
          (error, accessToken) => {
            if (error) reject(error)
            else resolve(accessToken!)
          }
        )
      })
    })
    .then((accessToken: string) => {
      const { password: _, ...userWithoutPassword } = user
      // Cross-site cookie: browsers only accept SameSite=None together with Secure.
      // HttpOnly keeps the token out of document.cookie. The 24h cookie lifetime is
      // independent of the token's own `exp`, so the server must still verify the JWT.
      res.cookie('Authorization', `Bearer ${accessToken}`, {
        sameSite: 'none',
        secure: true,
        httpOnly: true,
        domain: req.hostname,
        path: '/',
        expires: new Date(Date.now() + 24 * 60 * 60 * 1000)
      })
      res.status(200).jsonp({ accessToken, user: userWithoutPassword })
    })
    .catch((err) => {
      if (err === 400) res.status(400).jsonp('Incorrect password')
      else next(err)
    })
}
The code for using the cookie in the server.js file of the main app is like so:
// server.js needs the cookie-parser middleware mounted so that req.cookies is
// populated, and the same JWT secret the login handler signs with:
//   const jwt = require("jsonwebtoken");
//   const cookieParser = require("cookie-parser");
//   server.use(cookieParser());
server.get("/getAllPlaylists", (req, res) => {
  const { db } = req.app;
  try {
    const user = getUserByCookie(req);
    // getUserByCookie returns undefined when there is no cookie; destructuring
    // `{ id }` out of undefined would throw, so check the object first.
    if (user && user.id) {
      return res.send(getUserPlaylists(db, user.id));
    }
    return res.status(401).send("not authorized");
  } catch (e) {
    // jwt.verify throws on a bad signature or an expired token: answer 401,
    // not a 200 "error" body that the client would treat as success.
    return res.status(401).send("invalid or expired token");
  }
});

function getUserByCookie(req) {
  const { db } = req.app;
  const [scheme, token] = req.cookies.Authorization
    ? req.cookies.Authorization.split(" ")
    : [undefined, undefined];
  // Only accept the scheme the login handler set; jwt.verify checks signature and exp.
  if (scheme === "Bearer" && token) {
    const { email } = jwt.verify(token, constants.JWT_SECRET_KEY);
    const user = db.get("users").find({ email }).value();
    return user;
  }
  return undefined;
}
There is no problem with Android devices and Windows systems. The problem is when I use iPhone devices (like an iPhone 7 or newer): when a user tries to log in, it should set an Authorization cookie in the browser, and then on each request (I use credentials: "include" with the fetch API) the browser should send the Authorization cookie to the server. But only on iPhone devices is it not sent. I know it is a long question, I am sorry. Can anyone help me please?
Upvotes: 0
Views: 449