Use TypeScript to Create a Secure API with Node.js and Express

Hi Dan,
Here they are:

  "dependencies": {
    "cors": "^2.8.5",
    "dotenv": "^8.2.0",
    "express": "^4.17.1",
    "helmet": "^4.1.1"
  },
  "devDependencies": {
    "@types/cors": "^2.8.8",
    "@types/dotenv": "^8.2.0",
    "@types/express": "^4.17.8",
    "@types/helmet": "^4.0.0",
    "@types/node": "^14.14.5",
    "ts-loader": "^8.0.7",
    "webpack": "^5.3.0",
    "webpack-cli": "^4.1.0",
    "webpack-node-externals": "^2.5.2"
  }

and I run TypeScript 4.0.3-1 and Node 14.14.0 on Arch Linux.
Thanks.

Thomas, I have a feeling this may be related to using a different version of Webpack. The blog post uses Webpack 4: wab-ts-express-api/package.json at master · auth0-blog/wab-ts-express-api · GitHub

Could you try using the versions in the package.json listed above, please?

If it works, then I’ll need to update the post to work with Webpack 5. Though… I have been thinking about removing the Webpack step altogether tbh 😬

Where did the HttpException class come from?

export default class HttpException extends Error {
  statusCode: number;
  message: string;
  error: string | null;

  constructor(statusCode: number, message: string, error?: string) {
    super(message);

    this.statusCode = statusCode;
    this.message = message;
    this.error = error || null;
  }
}

I can see statusCode value here.

But where does the error property come from? I had a look in Express for it but couldn’t seem to find anything.

I referenced this article in a GitHub issue but I adapted it to a simple interface.

1 Like

Hi Auth0 Team. I followed the tutorial and I’m having a 500 (Internal Server Error) for something I’m incorrectly doing.

A bit of context:

✅ React App authentication works and I get the token
✅ Token added to header ‘Bearer token’
✅ I am calling a private API which uses the middleware suggested in your post, as below:

import jwt from 'express-jwt';
import { expressJwtSecret } from 'jwks-rsa';

export const checkAuthenticationToken = jwt({
  secret: expressJwtSecret({
    cache: true,
    rateLimit: true,
    jwksRequestsPerMinute: 5,
    jwksUri: 'https://my-company-url.eu.auth0.com/.well-known/jwks.json',
  }),
  audience: 'https://my-company-url.eu.auth0.com/api/',
  issuer: 'https://my-company-url.eu.auth0.com/',
  algorithms: ['RS256'],
});

This is my private api method

export const register = (app: express.Application): void => {
  app.post(
    '/api/auth',
    checkAuthenticationToken,
    promiseRejectionHandler(async (request: Request, response: Response) => {
      const authenticatedUser = await authenticate(request.body, request);

      return response.status(200).send(authenticatedUser);
    })
  );
};

Http status 500 is happening before authenticate and it’s also not falling in promiseHandler

If I remove the middleware it enters in the method but that’s not the expected behaviour.

In short, my questions here are:

  1. What did I do wrong in my middleware?
  2. In the auth HTTP method I would like to receive a token, get the user from this token and check in my database if the user has access. Is this the best practice?

Thanks in advance.
Daniel Santana

I’ve identified the error and consequently the issue:

The token I was generating was invalid because I missed the audience information in my auth0-token settings.

The HTTP 500 error was being generated by my error handler function, and below is the actual error my authentication middleware was throwing:

Will keep the post updated in case someone else faces similar issues.

To solve this issue I’ve added the missing audience as below:

const authLockOptions: Auth0LockConstructorOptions = {
  allowSignUp: false,
  auth: {
    audience: 'https://my-company.eu.auth0.com/api/v2/',
  },
  languageDictionary: { title: '' },
};

Thank you.

2 Likes
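
The 500 in the exchange above came from a catch-all error handler answering for a failed token check. As an added example (not code from the thread, the blog post or Auth0), here is an error handler that answers 401 for express-jwt's `UnauthorizedError` and passes through the status of the `HttpException` class quoted earlier; the `Res` type, the function names and the sample error are assumptions made for illustration.

```typescript
// Added example, not from the thread. Structural types stand in for Express
// so the block runs without installing anything.
interface ApiError { status: number; body: { message: string } }
interface Res { status(code: number): Res; json(body: unknown): Res }

// Turn whatever reached the error handler into a client-safe status and body.
function toApiError(err: unknown): ApiError {
  const e = (typeof err === "object" && err !== null ? err : {}) as {
    name?: unknown; statusCode?: unknown; message?: unknown;
  };
  // express-jwt rejects a bad or missing token with an error named
  // "UnauthorizedError". Answer 401 and keep the reason (for example which
  // audience was expected) out of the response body.
  if (e.name === "UnauthorizedError") {
    return { status: 401, body: { message: "Invalid or missing access token" } };
  }
  // HttpException from the thread: a 4xx the application raised on purpose.
  const code = typeof e.statusCode === "number" ? e.statusCode : 500;
  if (code >= 400 && code < 500 && typeof e.message === "string") {
    return { status: code, body: { message: e.message } };
  }
  // Anything else is a server fault; the detail belongs in server logs only.
  return { status: 500, body: { message: "Internal Server Error" } };
}

// Express recognises an error handler by its four parameters; register it
// after all routes with app.use(errorHandler).
function errorHandler(err: unknown, _req: unknown, res: Res, _next: unknown): void {
  const { status, body } = toApiError(err);
  // Rejected tokens and server faults are logged in full, server side only.
  if (status === 401 || status >= 500) console.error(err);
  res.status(status).json(body);
}

// Constructed sample of the kind of error a token with the wrong audience produces.
const sampleJwtError = Object.assign(new Error("jwt audience invalid"), {
  name: "UnauthorizedError", status: 401, code: "invalid_token",
});
```

With a handler like this the client sees a 401 when the token is rejected, while the underlying reason stays in the server log where it can be diagnosed.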

Howdy, Daniel! Thanks for reading the blog post. I am glad that you got it all sorted out.

1 Like
