Iat and exp not present in js web token

0
votes

I generate a token from the data retrieved form database and it does not have exp and iat fields, due to this it is not checking expiration time and always verify token. and also when i decoded the token on jwt.io it says invalid token. can you tell me the way to solve this? Here's my code var token=jwt.sign(members,app.get('superSecret'),{ expiresInMinutes:40 });

I am using express js

1
jwt

1 Answers

0
votes
    var token = jwt.sign({username:req.body.UserName,otherdatakey:value},'SECRET_KEY', {expiresInSeconds:exp});

    jwt.verify(req.headers.authorization, 'SECRET_KEY', { algorithms: ['HS256'] },function(err, decoded) {
                if(err && err.name=='TokenExpiredError')
                    res.status(401).send('Unauthorized Access - Token Expired'); //no need to log
                else if(err)
                    _error(401, 'Unauthorized Access',err, res);
                else
                {

                    req.token=decoded;
                    next();
                }   
}