Skip to content
This repository has been archived by the owner on Mar 31, 2023. It is now read-only.

I am not able to get this working for me, do you have a working example for same #6

Open
idmanish opened this issue Dec 11, 2015 · 6 comments
Open

I am not able to get this working for me, do you have a working example for same #6

idmanish opened this issue Dec 11, 2015 · 6 comments

Comments

@idmanish
Copy link

No description provided.

@aembke
Copy link
Contributor

aembke commented Dec 11, 2015

Can you describe what you tried and what error message you saw?

@idmanish
Copy link
Author

To add my token with session in redis , I wrore below code.
req.jwtSession.user = user.toJSON();

  // Manish-this will be attached to the JWT Redis
  var claims = {
      iss: "test",
      aud: "http://localhost:9000"
  };
  req.jwtSession.create(claims, function(error, token){
      res.json({ token: token });
  });

It able to add just user in redis with a session UUID , which I passed in redis ( req.jwtSession.user = user.toJSON();)

Later at the time of logout I tried this
req.jwtSession.destroy(function(error){
console.log("Session removed from redis", error);
});

then I am getting error:- "Error: Invalid session id"

I am not sure how to pass session id to this.

@aembke
Copy link
Contributor

aembke commented Dec 15, 2015

That error means that the request did not contain a valid JWT, or that the session had already expired or been removed from redis. If you console.log(req.jwtSession) what values do you see?

@idmanish
Copy link
Author

In can see in "Redis Desktop manager" that session is available,
I am just doing login and immediately logout.
console.log-- after login
Request JWT session data: { create: [Function],
touch: [Function],
update: [Function],
reload: [Function],
destroy: [Function],
toJSON: [Function],
user:
{ _id: 5670cf84ace2e45042927e7b,
provider: 'local',
name: 'manish',
email: '[email protected]',
userid: 4567890,
} }

console.log-- Just before logout
req.jwtSession------------------------- { create: [Function],
touch: [Function],
update: [Function],
reload: [Function],
destroy: [Function],
toJSON: [Function] }

One more things...I want to handle scenario like force browser close, how can I destroy my session in this case of browser close

@aembke
Copy link
Contributor

aembke commented Dec 16, 2015

Can you also verify that you're passing the JWT on the logout request? That console.log info seems to show that the module did not find the JWT in the logout request. I would also log the data from the express request object to verify that you're passing the JWT in the query, body, or headers.

@idmanish
Copy link
Author

yes, I am passing jwt token with each request using interceptor at client side
I am also verifying all client request using server side with a additional middleware
app.all('/api/v1/auth/*', auth.isAuthenticated());

auth.isAuthenticated() actually doing this validateJwt(req, res, next);

Its validating JWT token
so JWT is available but not sure why "req.jwtSession-" is not having user info which is there in redis

Since I am not able to delete Redis session there are multiple entries in redis for same user.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@aembke @idmanish