I have a reactjs app running on localhost:3000, I want to use auth0 for authentication. The user authenticates on the front end successfully and when sending requests to the nodejs express api, I want it to validate the jwt for certain end points. Currently, I have 2 paths
localhost:8001/api/displays and localhost:8001/api/orders/all, I have configured the express-openid-connect jwks-rsa express-jwt in my server.js. I have set the authRequired: false and not using the requiresAuth () on any endpoint. Still, I get the 401 Unauthorized when accessing displays and orders.
server.js
import cors from 'cors';
var corsOptions = {
origin: "http://localhost:3000",
optionsSuccessStatus: 200
}
app.use(cors(corsOptions));
app.use(auth({
authRequired: false,
auth0Logout: true,
baseURL: 'http://localhost:8001',
clientID: '****',
issuerBaseURL: '****',
secret: '****'
}));
var jwtCheck = jwt({
secret: jwks.expressJwtSecret({
cache: true,
rateLimit: true,
jwksRequestsPerMinute: 5,
jwksUri: '****/.well-known/jwks.json'
}),
audience: 'localhost:8001',
issuer: '****',
algorithms: ['RS256']
});
app.use(jwtCheck);
routes.js
import eoc from 'express-openid-connect';
const { requiresAuth } = eoc;
export const displayRoutes = app => {
let router = express.Router();
router.get("/", findAllDisplays);
app.use('/api/displays', router);
};
export const ordersRoutes = app => {
let router = express.Router();
router.get("/", getAllOrders);
app.use('/api/orders/all', router);
};