Nest: [Passport] Custom callback in Passport Middleware for error handler

Created on 5 Oct 2017 · 21Comments · Source: nestjs/nest

Some errors types as invalid signature, jwt expired, no auth token, invalid token, invalid algorithm... are not being handled on passport-jwt

The default response send only 'unauthorized' message and http status 401

In this Issue the author recommend using custom callbacks according to official passport docs

I've tried to try the following code, but I can not get it to work fine

export class AuthModule implements NestModule {
  public configure(consumer: MiddlewaresConsumer) {
    consumer
      .apply(passport.authenticate('jwt', { session: false }, (err, user, info) => {
        console.log(info.message)
      }))
      .forRoutes({ path: '/auth/authorized', method: RequestMethod.ALL });
  }
}

console.log(info.message) Is printed but does not can exit function, and within it next() function is not available, so response stays in the waiting forever

Any idea?

type

Source

cdiaz

👍1

All 21 comments

Hi @cdiaz,
Just use class middleware, not the functional one.

kamilmysliwiec on 7 Oct 2017

😕1

Hi @kamilmysliwiec, i'm using class middleware, but I can not access to the next() function inside passport.

This is my Example

Result:
TypeError: next is not a function

cdiaz on 14 Oct 2017

Hi @cdiaz ,
Change:

 (err, user, info, next) =>

into:

 (err, user, info) =>

You're overriding next variable.

kamilmysliwiec on 14 Oct 2017

@kamilmysliwiec I had already tried that but it does not work.

next() does not exist in the passport context

cdiaz on 14 Oct 2017

Hey !

If you try to wrap you return in a arrow function like that ?

return async (req: Request, res: Response, next: NextFunction) => {

adrien2p on 15 Oct 2017

Hi @adrien2p
something like that?

@Middleware()
export class JwtMiddleware implements NestMiddleware {
  public resolve(): (req, res, next) => void {
    return async (req: Request, res: Response, next: NextFunction) => {
      await passport.authenticate('jwt', { session: false }, (err, user, info) => {
        if(err){
          throw new HttpException(info.message, 401)
        }
        else{
          next()
        }
      })
    }
  }
}

cdiaz on 16 Oct 2017

Hi @cdiaz yes something like that, did you try ?

adrien2p on 16 Oct 2017

@adrien2p Yes, I tried but Next() does not work within the passport context

cdiaz on 17 Oct 2017

Hey, could you try insteadof the third parameter something like
passeport.authenticate('jwt', { session: false })(req, res, next)
Then ensure you than the header contains 'Authorization JWT Jwt_token and let me noticed :)

See you

adrien2p on 17 Oct 2017

thanks @adrien2p , but I have already tried all this and I have not been able to solve it, @kamilmysliwiec reopen the issue until there is a solution, please

cdiaz on 17 Oct 2017

@Middleware()
export class JwtMiddleware implements NestMiddleware {
  public resolve(): (req, res, next) => void {
    return passport.authenticate('jwt', { session: false })
  }
}

Could you execute that and send back the exception handled ?

adrien2p on 17 Oct 2017

hi,

you can access next like this.

@Middleware()
export class LocalStrategyMiddleware implements NestMiddleware {
    resolve() {
        return async (req, res, next) => {
            return await passport.authenticate('local', {session: true}, (err, user, info) => {
                if (err) {
                    next(new HttpException(err, 401));
                }
                else {
                    next();
                }
            })(req, res, next)
        }
    }
}