1

I have a sign-in sign-up page. On sign-up part, The user can sign up and should be authenticated and given a token that is stored in a local storage. after that user will be redirected to a profile page with the token, but before redirecting since the profile page is protected. the token should be validated.

If validated, it should render a profile page, but it's not rendering and I don't know why. That even spit out any errors. But here's the weird part: when I create a user account I logged the JWT token and copy that, use it through Postman, attached the token on the header then use the profile route it will render the HTML. But on Chrome, it doesn't.

Here's a video I made: https://www.youtube.com/watch?v=ufkor1eVxx8

Here's the code for on sign up. (I will refactor everything).

'use strict';

    (function () {
    
        const signInForm = document.getElementById('signup-form');
        const username = document.getElementById('signup-username');
        const email = document.getElementById('signup-email');
        const password = document.getElementById('signup-password');
        const signUpBtn = document.getElementById('signup-btn');
    
        signUpBtn.addEventListener('click', (e) => {
            e.preventDefault();
    
            axios({
                method: 'post',
                url: '/signup',
                data: {
                    username: username.value,
                    email: email.value,
                    password: password.value
                }
            })
                .then(response => {
                    console.log(response.data) //check my response working
                    
                    const token = response.data;
    
                    if(token) {
                        window.localStorage.setItem('access_token', token);
                        // window.location.assign('/profile');
                        axios({
                            method: 'get',
                            url: '/profile',
                            headers: {
                                'Authorization': `Bearer ${token}`,
                            }
                        }).then( res => {
                            console.log(res, 'afsdfas')
                            if(res.status === 200) {
                                console.log(res.data.decoded) // decoded JWT working
                            }
                        })
                        .catch( err => {throw err});
    
                    } else {
                        console.log('NO TOKEN');
                    }
    
                })
                .catch(err => { throw err });
        })
     }());

Here's the code for the route profile:

const express = require('express');
const router = express.Router();
const verifyToken = require('../helper.fn/verifyToken');
const jawt = require('../helper.fn/jwt.token');

router.get('/profile', verifyToken, (req, res) => {

    // console.log(req.token, 'test'); // token verified here. working.

    jawt.checkJWT(req.token)
    .then( userDecode => {
        console.log(userDecode); // user decoded info working

        if(userDecode) {
            console.log(userDecode, 'decode') // ! this will run working
            res.render('userprofile'); // ! THIS IS THE PROBLEM WON'T RENDER
            console.log('gasdfas'); // ! this will run
           // res.json({userDecode}); this for testing this works
        } else {
            res.json({ err: 'something is wrong'})
        }
        
    })
    .catch( err => { throw err})

});


module.exports = router;

Here's the code for validating the token:

/**
 * this function checks if we a token attached to a header
 * @param {Object} req
 * @param {Object} res
 * @param {function} next
 */
module.exports = function(req, res, next) {
  const userToken = req.headers.authorization;

   console.log(userToken) // logs the bearer and token
  if (!userToken) {
    res.status(403).json({
      error: "FORBIDDEN"
  });
  } else {
    const token = userToken.split(' ')
    console.log(token[1]) // I have the token here working
    req.token = token[1];
    next();
  }

};
halfer
  • 19,824
  • 17
  • 99
  • 186
aRtoo
  • 1,686
  • 2
  • 18
  • 38
  • There's a lot going on here. You're going to at least have to narrow this down to either a client-side or server-side problem, and fix any logging issues you have so we can help figure it out. – Brad Aug 05 '18 at 05:37
  • thank for the reply sir. I dont know whers the problem. I logged from the front end and to the backend. everything is ok. headers is ok. validation is ok. – aRtoo Aug 05 '18 at 05:39
  • Where are these logs? Put them in your question. If everything was actually okay, it'd be working, right? Narrow it down further. – Brad Aug 05 '18 at 05:43
  • @Brad absolutely right. it should be working. on postman itll work fine. gives me error and all. on chrome it doesnt. my weird thing is it doesnt render the html – aRtoo Aug 05 '18 at 05:45
  • did you try `credentials: true` in axios? – Daksh M. Aug 05 '18 at 06:15
  • @DakshMiglani no. haven't heard. but everything is working fine on POSTMAN. – aRtoo Aug 05 '18 at 06:39
  • can you show postman config? – Daksh M. Aug 05 '18 at 08:13
  • @DakshMiglani I never touched postman settings. and I checked its the same thing. – aRtoo Aug 05 '18 at 14:31
  • maybe the default config of postman is what you need for it? like headers, etc? – Daksh M. Aug 05 '18 at 14:32
  • @DakshMiglani there's only header sir. its my token. i want to cry. really man. this is where I doubt my knowledge. been googling for hours, talking to people. it seems like im the only person who encounter this one – aRtoo Aug 05 '18 at 16:49
  • Ahh, bro stuff like this happens a lot. Especially, when you're dealing with cors. Why don't you email me personally and I might be able to help you with that. I don't really want you to get demotivated over such a small issue. – Daksh M. Aug 05 '18 at 16:55
  • @DakshMiglani how can i email you sir? i could share man screen. im using vscode. – aRtoo Aug 05 '18 at 17:01

0 Answers0