OiO.lk Community platform!

Oio.lk is an excellent forum for developers, providing a wide range of resources, discussions, and support for those in the developer community. Join oio.lk today to connect with like-minded professionals, share insights, and stay updated on the latest trends and technologies in the development field.
  You need to log in or register to access the solved answers to this problem.
  • You have reached the maximum number of guest views allowed
  • Please register below to remove this limitation

JWT token with API Gateway returns unauthorized all the time

  • Thread starter Thread starter Phil
  • Start date Start date
P

Phil

Guest
I have an axios call using JWT token that works when I call the EC2 instance directly, but when I call it through the API Gateway, it returns:

Code:
success:    false
message:    "unauthorized access! no headers!"

here is the nodejs code:

Code:
exports.isAuth = async (req, res, next) => {
  if (req.headers && req.headers.authorization) {
    const token = req.headers.authorization.split(' ')[1];

    try {
      const decode = jwt.verify(token, process.env.JWT_SECRET);
      const user = await User.findById(decode.userId);
      if (!user) {
        return res.json({ success: false, message: 'unauthorized access!' });
      }

      req.user = user;
      next();
    } catch (error) {
      if (error.name === 'JsonWebTokenError') {
        return res.json({ success: false, message: 'unauthorized access!' });
      }
      if (error.name === 'TokenExpiredError') {
        return res.json({
          success: false,
          message: 'sesson expired try sign in!',
        });
      }

      res.res.json({ success: false, message: 'Internal server error!' });
    }
  } else {
    res.json({ success: false, message: 'unauthorized access! no headers!' });
  }
};

here is the Reactjs code:

Code:
const headers = {
   Accept: 'application/json',
   'Content-Type': 'multipart/form-data',
   authorization: `JWT ${token}`,
};

return axios.get(BE_URI + "/fetch-general-news", { headers });

I did however make sure the API Gateway's endpoint allowed headers, but it looks like the headers are not being forwarded, what am I doing wrong? enter image description here

<p>I have an axios call using JWT token that works when I call the EC2 instance directly, but when I call it through the API Gateway, it returns:</p>
<pre class="lang-none prettyprint-override"><code>success: false
message: "unauthorized access! no headers!"
</code></pre>
<p>here is the nodejs code:</p>
<pre><code>exports.isAuth = async (req, res, next) => {
if (req.headers && req.headers.authorization) {
const token = req.headers.authorization.split(' ')[1];

try {
const decode = jwt.verify(token, process.env.JWT_SECRET);
const user = await User.findById(decode.userId);
if (!user) {
return res.json({ success: false, message: 'unauthorized access!' });
}

req.user = user;
next();
} catch (error) {
if (error.name === 'JsonWebTokenError') {
return res.json({ success: false, message: 'unauthorized access!' });
}
if (error.name === 'TokenExpiredError') {
return res.json({
success: false,
message: 'sesson expired try sign in!',
});
}

res.res.json({ success: false, message: 'Internal server error!' });
}
} else {
res.json({ success: false, message: 'unauthorized access! no headers!' });
}
};
</code></pre>
<p>here is the Reactjs code:</p>
<pre class="lang-js prettyprint-override"><code>const headers = {
Accept: 'application/json',
'Content-Type': 'multipart/form-data',
authorization: `JWT ${token}`,
};

return axios.get(BE_URI + "/fetch-general-news", { headers });
</code></pre>
<p>I did however make sure the API Gateway's endpoint allowed headers, but it looks like the headers are not being forwarded, what am I doing wrong? <a href="https://i.sstatic.net/26i9WpFM.png" rel="nofollow noreferrer"><img src="https://i.sstatic.net/26i9WpFM.png" alt="enter image description here" /></a></p>
 

Latest posts

Online statistics

Members online
0
Guests online
4
Total visitors
4
Top