Category "jwt"

What does "Signature Verified" result from jwt.io mean?

I am creating a jwt using the header, payload and private key provided by Apple. I get "Signature Verified" result using public key and generated token in jwt.io

TypeError: User.generateAuthToken is not a function

userSchema.methods.generateAuthToken = async function() { const user = this const token = jwt.sign({_id:user._id.toString()},'thisisnewcourse') ret

ASP.NET Core 3.1 MVC JWT Login return 401

I have a problem: JWT authentication returns a 401 error. The token was created but it always returns a 401 error. I used a layered architecture. I tried many things on start

I am using ES256 algorithm and how do I try it in jwt.io?

I'm generating a token using the header, payload and private key I got from Apple. But how do I test in jwt.io if this is the valid signature? Because jwt.io wa

missing credentials in NestJs Passport

I've built a NestJS API with authentication. I'm using NestJS passport and I create a JSON web token when a user logs in. I've done numerous searches and I r

How worried should I be about opening up a JWT to an XSS vulnerability?

I am building a node.js web application with react for the GUI and graphQL served with Apollo for the back-end connecting to an RDS (MySQL) instance on AWS.

express-jwt - typeError: done is not a function

I'm using express-jwt to control the user privileges of my startup project, but I'm getting an error when I try to request access (using Postman) an api that on

Protected Route by checking JWT saved in user's cookie

I just finished implementing Google social authentication in my NextJS + DjangoRest project following this blog post. I am trying to figure out how to make prot

How to use JWT stored in cookie in NEXT _middleware

This question extends my last question and is primarily for me who might get stuck again. I'm trying to rebuild an app in Next.js that has this login form using

When does JWK expire? JWKS rotation policy

I am reading about JWKS and found information about the key rotation concept - https://developer.okta.com/docs/concepts/key-rotation/ Let's assume I use JWKS in

Springboot + JWT +OAuth2 + AngularJS Stateless session

I am trying various Java Spring based security implementations as follows 1. JWT Authentication User access / Springboot identifies as protected resource and

Firebase ID token has invalid signature even on jwt

Firebase ID token has invalid signature Hi all, I'm somehow new to NodeJS and I've only used Google Firebase a few times. Now, I'm trying to verify an idToken g

JWT key rotation

I have been thinking and searching many different approaches but I am not sure what is the best solution to solve this problem. Imagine you have 50 microservice

Reading Cookie from React (backend with FastAPI + fastapi-jwt-auth)

I am having some problems with understanding JWT in Cookie using Axios and FastAPI. I am trying to make a simple application with React for the frontend and Fas

Angular 13 MSAL 2.0 & .NET core API: Bearer error="invalid_token", error_description="The signature is invalid"

To isolate the problem, I have created the famous Visual Studio default "weather forecast" .NET core project with Angular and tried to make the Angular ClientAp

What is the difference between services.AddAuthentication() and services.AddAuthorization() in asp net core?

I have the following code and I want to understand what the difference is between those two extension methods. What does each one do? services.AddAuthentication (Jw

My HMACSHA256 signature validation almost works but not quite

I wrote a method that takes a JWT as a request and checks if the signature is valid. This is the unit test: @Test public void isValid() { final JwtValidator

Why is user object undefined in NextAuth session callback?

I use NextAuth for signIn with the Discord provider and I need to add userID into the session object. For that I use session callback but user object is undefined.

Issue with JWT token multiple simultaneously refresh with Refresh token

Tools: .NET 6 with EF Core, Vue 3 with Axios. R-Token is Refresh Token. DB is database. I have simple implementation of JWT + Refresh Token auth. Client send Lo

How to redirect to new page with Authorization Headers after login?

I have a login page. On click of login button, the details are sent to server and are validated. A token is received in return after successful validation. I ne