Cannot set headers after they are sent to the client in a middleware

Question

In a middleware function, I authenticate user and return when jwt token is invalid. This is the middleware function.

const authenticateUser = (req, res, next) => {
const token = req.header('x-auth');
if (!token) {
    res.json({ errMessage: 'Invalid token' });
}
try {
    const tokenData = verify(token, privateKey);
    req.user = { name: tokenData.name, email: tokenData.email, _id: tokenData._id }
    next();

} catch (error) {
    res.status(401);
     res.json({ errMessage: 'Invalid token', error });  //error here
     return
}}

The error message:

Error [ERR_HTTP_HEADERS_SENT]: Cannot set headers after they are sent to the client
at validateHeader (_http_outgoing.js:503:11)
at ServerResponse.setHeader (_http_outgoing.js:510:3)
at ServerResponse.header (..\node_modules\express\lib\response.js:771:10)
at ServerResponse.send (..\node_modules\express\lib\response.js:170:12)
at ServerResponse.json (..\node_modules\express\lib\response.js:267:15)
at authenticateUser (..\app\middlewares\authenticate.js:18:14)
at Layer.handle [as handle_request] (..\node_modules\express\lib\router\layer.js:95:5)
at next (..\node_modules\express\lib\router\route.js:137:13)
at Route.dispatch (..\node_modules\express\lib\router\route.js:112:3)
at Layer.handle [as handle_request] (..\node_modules\express\lib\router\layer.js:95:5)
at ..\node_modules\express\lib\router\index.js:281:22
at Function.process_params (..\node_modules\express\lib\router\index.js:335:12)
at next (..\node_modules\express\lib\router\index.js:275:10)
at Function.handle (..\node_modules\express\lib\router\index.js:174:3)
at router (..\node_modules\express\lib\router\index.js:47:12)
at Layer.handle [as handle_request] (..\node_modules\express\lib\router\layer.js:95:5)

Does this answer your question? [Error: Can't set headers after they are sent to the client](https://stackoverflow.com/questions/7042340/error-cant-set-headers-after-they-are-sent-to-the-client) — SuleymanSah, May 30 '20 at 08:49

score 0 · Answer 1 · answered May 30 '20 at 08:44

You are missing a return statement, if you are calling next you are probably going to some other middleware that is sending back json, or you are throwing an error after not being authorized, this should fix it.

const authenticateUser = (req, res, next) => {
const token = req.header('x-auth');
if (!token) {
    res.json({ errMessage: 'Invalid token' });
    return

}
try {
    const tokenData = verify(token, privateKey);
    req.user = { name: tokenData.name, email: tokenData.email, _id: tokenData._id }
    next();

} catch (error) {
    res.status(401);
     res.json({ errMessage: 'Invalid token', error });  //error here
     return
}}

score 0 · Accepted Answer · answered May 30 '20 at 08:46

Route handler does not exit when the response is sent to client. So, you will need to wrap your code with proper if else like

const authenticateUser = (req, res, next) => {
const token = req.header('x-auth');
if (!token) {
    res.json({ errMessage: 'Invalid token' });
}
else{
try {
    const tokenData = verify(token, privateKey);
    req.user = { name: tokenData.name, email: tokenData.email, _id: tokenData._id }
    next();

} catch (error) {
    res.status(401);
     res.json({ errMessage: 'Invalid token', error });  //error here
     return
}
}
}

Cannot set headers after they are sent to the client in a middleware

2 Answers2