- ๐ซ My YouTube Channel: https://www.youtube.com/@sakuradev
- ๐ซ How to reach me: [email protected]
nest-crash-course's Introduction
nest-crash-course's People
Forkers
brodyaga-dev wblucky ivandi1980 mdshohanurrahman atimathong rosairekota prabathmadushan paulight24 ivandjoh elkestudionest-crash-course's Issues
Where is full code ?
It would be great If you provide the full code that you used in the tutorial.
fix: refresh token algo is broken
Hi @vahid-nejad
When I want to use the strategy jwt-refresh
I got
{ "message": "Unauthorized", "statusCode": 401 }
I have this
@Injectable()
export class RefreshTokenGuard extends AuthGuard('jwt-refresh') {}
and this strategy
@Injectable()
export class RefreshTokenStrategy extends PassportStrategy(
Strategy,
'jwt-refresh',
) {
constructor() {
super({
jwtFromRequest: ExtractJwt.fromBodyField('refresh_token'),
ignoreExpiration: false,
secretOrKey: `${process.env.jwt_secret}`,
});
}
async validate(payload: any) {
return { user: payload.sub, username: payload.username };
}
}
and this is the API
@UseGuards(RefreshTokenGuard)
@Get('refresh')
async refresh(@Request() request) {
return this.authService.refreshToken(request.user);
}
Getting empty user
Hello,
I noticed that when I am generating a new access token using the refreshToken function, it contains an empty payload. When I investigated the issue, I found out that when I write consol.log(user), I can see the values of the user object. However, when I start accessing the properties of the user object to populate the payload, they are all undefined.
Here code for the refresh token strategy:
import { Injectable } from '@nestjs/common';
import { ConfigService } from '@nestjs/config';
import { PassportStrategy } from '@nestjs/passport';
import { ExtractJwt, Strategy } from 'passport-jwt';
@Injectable()
export class RefreshJwtStrategy extends PassportStrategy(
Strategy,
'jwt-refresh',
) {
constructor(private readonly configService: ConfigService) {
super({
jwtFromRequest: ExtractJwt.fromBodyField('refresh'),
ignoreExpiration: false,
secretOrKey: configService.get<string>('jwt.refreshSecret'),
});
}
async validate(payload: any) {
return { user: payload.sub, userId: payload.userId };
}
}
Here is the code in the controller:
@UseGuards(RefreshJwtGuard)
@Post('/refresh')
async refreshToken(@Request() req) {
return await this.authService.refreshToken(req.user);
}
Here is the code for the refreshToken:
async refreshToken(user: User) {
console.log(user); //It is working fine and I can see the object and it's values
const payload = {
userId: user.id, //undefined
sub: {
id: user.id, //undefined
username: user.username, //undefined
email: user.email, //undefined
},
};
console.log(payload); //the payload is showing as {}
return {
accessToken: this.jwtService.sign(payload),
};
}
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.