Learn, Share, Build

October 05, 2017, at 8:04 PM

I'm using a Node.js Express backend and an Angular 4 frontend in this app. I use JWT tokens to store an id which I use to find a user. Please note these JWT tokens do not expire.

Scenario:

  1. User logs in.
  2. JWT token is generated and signed (containing the user ID).
  3. JWT token is saved in localStorage.
  4. JWT token is used from then on to find the current user that's logged in.

This was working perfectly. Now, something really weird happens. In production, occasionally, the JWT token seems to change value, which then throws an error on my application as the user can no longer be found. I've run through all the code; nothing on the app itself should be changing the value at all.

I appear to have isolated this issue as occurring mostly in Google Chrome; however, (I think) I might have seen it occur in Safari at times. I have no idea why this would be happening. When I go to a protected page in Angular, it checks if a JWT token exists or not before proceeding. If it doesn't, then it'll go to login. Nowhere is the value of that token changed.

Does anyone know what I may be doing wrong/why this is happening?

Answer 1

Are you using a middleware function in order to implement your JWT logic?

If not, I would recommend using a middleware function that is written prior to your route logic/handler function. I guess that helps with debugging the problem and is also good practice.
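One way to write the middleware the answer recommends, as an added example that is not code from the question or the answer: it verifies the token before any route handler runs and logs why a token was rejected, which helps narrow down where a changed value comes from. It assumes HS256 tokens sent in an `Authorization: Bearer` header and a payload field named `id`; `signToken`, `verifyToken` and `requireJwt` are hypothetical names.

```javascript
// Added example: Express-style (req, res, next) JWT check using only Node's crypto module.
const crypto = require('crypto');

const b64url = (buf) => Buffer.from(buf).toString('base64url');

// Hypothetical helper: sign a payload as an HS256 JWT (used here for the demo).
function signToken(payload, secret) {
  const head = b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' }));
  const body = b64url(JSON.stringify(payload));
  const sig = crypto.createHmac('sha256', secret).update(`${head}.${body}`).digest();
  return `${head}.${body}.${b64url(sig)}`;
}

// Returns { ok: true, payload } or { ok: false, reason } so failures are distinguishable.
function verifyToken(token, secret) {
  const parts = typeof token === 'string' ? token.split('.') : [];
  if (parts.length !== 3) return { ok: false, reason: 'malformed' };
  const [head, body, sig] = parts;
  let header, payload;
  try {
    header = JSON.parse(Buffer.from(head, 'base64url').toString());
    payload = JSON.parse(Buffer.from(body, 'base64url').toString());
  } catch (e) { return { ok: false, reason: 'malformed' }; }
  // Pin the algorithm: never let the token's own "alg" choose the check.
  if (!header || header.alg !== 'HS256') return { ok: false, reason: 'bad-alg' };
  const expected = crypto.createHmac('sha256', secret).update(`${head}.${body}`).digest();
  const given = Buffer.from(sig, 'base64url');
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) {
    return { ok: false, reason: 'bad-signature' };
  }
  return { ok: true, payload };
}

// Middleware factory: mount before protected routes, e.g. app.use('/api', requireJwt(secret)).
function requireJwt(secret, log = console.warn) {
  return (req, res, next) => {
    const m = /^Bearer (.+)$/.exec(req.headers.authorization || '');
    if (!m) return res.status(401).json({ error: 'missing' });
    const result = verifyToken(m[1], secret);
    if (!result.ok) {
      // Log a fingerprint, not the token, so changed values can be correlated per browser.
      const fp = crypto.createHash('sha256').update(m[1]).digest('hex').slice(0, 12);
      log(`jwt rejected reason=${result.reason} fp=${fp} ua=${req.headers['user-agent']}`);
      return res.status(401).json({ error: result.reason });
    }
    req.userId = result.payload?.id;
    next();
  };
}
```

Route handlers mounted after the middleware read `req.userId` instead of parsing the token themselves, so every rejection goes through one logged code path.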
