{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 我命由我不由天 的问题《Json Web Token verify() return jwt malformed》','https://www.manongdao.com/q-1371230.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
const jwt = require("jsonwebtoken");
const SECRET = "superSuperSecret";
module.exports = function(req, res, next) {
const token = req.body.token || req.query.token || req.headers[ "x-access-token" ];
if (token) {
return jwt.verify(token, SECRET, function(err, decoded) {
if (err) {
return res.json({
success: false,
message: "Failed to authenticate token.",
});
}
req.user = decoded;
return next();
});
}
return res.unauthorized();
};
I'm using Postman to test my API. I setup the header with a x-access-token key and the value superSuperSecret. I got the error {"name":"JsonWebTokenError","message":"jwt malformed","level":"error"}. I'm using this https://github.com/FortechRomania/express-mongo-example-project/blob/master/src/middlewares/validateToken.js
You cannot pass any value as token. You need
jwt.sign()to create a token. Look at the documentation of JWT for more information.Also,
For the request Header name just use
Authorizationnotx-access-token. Place Bearer before the Token.Each part of the JWT is a base64url encoded value. You can get your token as:
From what I see, you are not sending the actual JWT token but the secret instead. A valid JWT token consist of a three-part string delimited by dots, like so:
https://jwt.io/
As you can see on the above website, 'superSuperSecret' is not a valid JWT token.
Note :
JWT will return jwt malformed If Token is null that is being passed to jwt.verifty function