Node.js - Express.js JWT always returns an invalid token error in browser response
Here is an example
http://blog.auth0.com/2014/01/07/angularjs-authentication-with-cookies-vs-token/
var expressJwt = require('express-jwt');var jwt = require('jsonwebtoken');var SECRET = 'shhhhhhared-secret';app.use('/api', expressJwt({secret: SECRET}));app.post('/authenticate', function (req, res) { //TODO validate req.body.username and req.body.password //if is invalid, return 401 if (!(req.body.username === 'john.doe' && req.body.password === 'foobar')) { res.send(401, 'Wrong user or password'); return; } var profile = { first_name: 'John', last_name: 'Doe', email: 'john@doe.com', id: 123 }; // We are sending the profile inside the token var token = jwt.sign(profile, SECRET, { expiresIn: 18000 }); // 60*5 minutes res.json({ token: token });});app.get('/api/protected', function(req, res) { res.json(req.user); });
Also, make sure you don't put a : after bearer. E.g.
BAD! Authorization: Bearer: eyJ0eXAiOiI1NiJ9.eyJpZCMjEyNzk2Njl9.4eU6X1wAQieH
Prints "UnauthorizedError: jwt must be provided" to logs
Good Authorization: Bearer eyJ0eXAiOiI1NiJ9.eyJpZCMjEyNzk2Njl9.4eU6X1wAQieH