Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

"expiresIn" option not working with sequelize object

See original GitHub issue

The token is created but never expires. I am getting the object from a query to a relational db with the sequelize package. Code example:

models.User.findOne({ where: {username: req.body.name} }) //Returns an object user or null
.then(function(user) {
    if (user) {
        console.log(typeof user); //Logs "object"
        // Check if password matches
        if (user.password != req.body.pass) {
            res.json({ message: 'Authentication failed. Wrong password.' });
        } else {
            // If user is found and password is right create a token
            var token = jwt.sign(
                user, 
                'shhhhh', 
                {
                    expiresIn: 60 // expires in 1 minute
                }
            );

            // Shows the token
            console.log(token);
        }   
    } else {
        console.log("User not found");
    }

}).catch(function(error){
    whatever...
});

Issue Analytics

State:
Created 8 years ago
Comments:21 (3 by maintainers)

Top GitHub Comments

5reactions

MariusRumpfcommented, Dec 16, 2015

I am using a similar method that works for me, except that I only use only the username as token:

    User.findOne({username: username}, (err, user) => {
      if (err) {
        return done(err, false);
      }
      if (!user) {
        return done(null, false, {message: 'Invalid credentials'});
      }
      bcrypt.compare(password, user.password, (err, isMatching) => {
        if (err) {
          return done(err, false);
        }
        if (!isMatching) {
          return done(null, false, {message: 'Invalid credentials'});
        }

        var token = jwt.sign({user: user.username}, config.secrets.jwt, {
          expiresIn: '10m',
          algorithm: 'HS256'
        });
        user.token = token;
        User.update({_id: user._id}, {token: user.token, reauth: false}, () => {
          user = _.pick(user, ['username', 'token']);
          return done(null, user);
        });
      });
    });

What infos does decoding your token give on http://jwt.io/ ?

2reactions

eXtreaLcommented, Dec 17, 2015

I’m using a similar way to sign the token and am occurring the same problem at the moment. Everything works fine, however the token doesn’t seem to expire. I’m storing the token in the localstorage of the browser.

Top Results From Across the Web

jsonwebtoken.sign() fails with expiresIn option set

If I remove options object at all, it works, but without options I need to set. The issue seems to be simple but...

Building a PostgreSQL API in JavaScript with Express and ...

We've set up two simple models and a working relationship between them, ... Sequelize also gives us a second options hash after the...

Node.js Express: JWT example | Token Based Authentication ...

Controllers interact with MySQL Database via Sequelize and send HTTP response (token, user information, data based on roles…) to client.

MySQL Connection With Node.js Using Sequelize and Express

Cons of sequelize: NoSQL doesn't support sequelize as it includes some unexplained issues when additional connections to the database are required. Sequelize ...

How to Build Web APIs with NestJS, Postgres, and Sequelize

Setting up Sequelize and Postgres Database; Authentication with Passport ... a token and user object, if not, it will throw an exception.