How can I decode the payload from a JSON web token? - node.js

I am using Express. I am getting a JSON web token back. In JavaScript, for example, if I want to see what is in the payload I will use the window atob method. But I also need to do this in the back end, so that only admin users can access some routes. How can I decode the payload from a JSON web token so I get back, for example, the JSON object?

You can use a lib like jsonwebtoken:
https://www.npmjs.com/package/jsonwebtoken
Example:
var jwt = require('jsonwebtoken')
var decoded = jwt.verify(YOUR_TOKEN, 'YOUR_SECRET_KEY')
That way you can check it is your token and get the decoded JSON object

Related

JSON Web Token (JWT) is too long to pass through client URL? Node.js and Express authentication

I am trying to use JWT to authenticate a user's email address. I cannot use OAuth because a user will be signing up with their work email and will need to verify using that.
I have added a field to my User model called isVerified. I have used mailgun to send an email to the user when they go to sign up that includes a link to a verification page in the form of http://{client_url}/verification/{userToken} where the userToken is a generated token using JSON web token.... the token is created using only the user's id so there is not a lot of information in the payload.
When the user clicks on this link, they are getting a 404 Not Found error. When I manually shorten the userToken in the url, then it properly connects to the correct React Component...
How do I solve this issue?
UPDATE: I just got rid of all the periods from the JWT token and it is loading like that.... so it seems to not be an issue with the length but with the periods... My react router Route path is "/verification/:userToken" ... how do I get it to not be affected by the periods?
Since this does not trigger your component to be rendered
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VySWQiOjIyLCJpYXQiOjE2MTEwMDY5OTUsImV4cCI6MTYxMTAwODE5NX0.D_-RI_YvE6lyHZFtkMizuHxPs3huIE87D6UKFEywYdg
and this does
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9
I would suspect that it somehow worked because you got rid of the dots.
Check whether the "." in the token prevents the URL from matching your "verification/token" route. I mean, React is assuming that
"verification/eyxxxx.eyzzzz"
is not a valid route.
Try calling for example "verification/test.test.test" and see if it renders your component.

Why am I getting gibberish for http request body?

I'm trying to create a Slack bot that uses AWS lambda api gateway as the backend. However, the event payload I'm getting has an incomprehensible payload body.
In the example I'm following the body should be like
Am I supposed to decode the body somehow?
I'm following this guide exactly but I'm implementing the lambda function in python. I just don't know why my event isn't even getting the proper body.
https://youtu.be/XgFVzBNgidQ
The payload isn't gibberish; it's just base64-encoded and can be decoded using a library or method that supports base64-decoding. Here's the decoded value:
token=xxxxxxxxxxxxxxxxx&team_id=TSQ1S1YKB&team_domain=dankscape&channel_id=CSQ1S2D2M&channel_name=bot&user_id=UT078Q6BA&user_name=the.dankscape&command=%2Fecho2&text=hi+spec&response_url=https%3A%2F%2Fhooks.slack.com%2Fcommands%2FTSQ1S1YKB%2F921356743414%2Fv3ltAkqOhjOU8HyLiOiMmJkG&trigger_id=908962933297.908060066657.da505f8459f1102a090444d8934e188b

API get request not returning correct data in python

I am trying to get data from Uni Stats API by sending a get request. Following is my code:
import requests
dt = requests.get(url='https://API_TOKEN@data.unistats.ac.uk/api/v4/KIS/Institution/10007856.json')
print(dt)
Whenever I run this code it returns <401 Response>, but if I try the same URL https://API_TOKEN@data.unistats.ac.uk/api/v4/KIS/Institution/10007856.json in the Postman software it returns correct data in JSON format.
So I wanted to know how I can send a GET request with requests that returns correct data?
requests.get('https://data.unistats.ac.uk/api/v4/KIS/Institution/10007856.json', auth=('user', 'pass'))
401 is an authorization error; provide authorisation to the requests.get method.
Depending on your user agent, you may be able to include the access token in the url as in the following examples:
https://accesstoken@data.unistats.ac.uk/api/v4/KIS/Institution/{ukprn}/Course/{kisCourseId}
Emphasis added.

Retrofit: How to post encoded password with Base64?

I need to make a request with e-mail and password. E-mail and password are Strings sent to my repository class. And the password needs to be encoded with Base64.
I'm using Retrofit 2.
I know I need to use the RequestBody class, but how can I make the request?
This is the code from Rest interface:
@POST("login")
Call<String> login(
    @Body RequestBody payload
);
In the repository, I have this to encode the password:
String encodedPassword = Base64.encodeToString(password.getBytes(), Base64.NO_WRAP);
But I need to initialize the requestBody with the email and the encodedPassword variables, to make the request.
Call<String> call = getApi().login(requestBody);
Is this really the right way?
How is the requestBody attribute initialized?
It all depends on what your API expects.
If your API expects an object encoded as JSON/XML, you send it in the request body.
For login credentials, most common is to send them as FormUrlEncoded data.
As an example:
@POST("/posts")
@FormUrlEncoded
Call<String> login(@Field("email") String email,
                   @Field("password") String password);
But as I said it all depends on what the API endpoint expects.
I also don't get why you need to Base64 encode the password, it doesn't add any additional security over the plain text over SSL, so you may double check this with the API documentation also.

request module in node js not allowing formData with fields having same name

I am trying with node js request module to post some formData. My formData contains fields (file attachments) which I have to send with same name to the server. But my formData is being sent with only one attachment which is the last I have given in the set.
I want to know how to post with formData having same name for more than one field.
I can do that with unirest module in node js. I was having trouble with the authentication. But anyway if your server is using Basic auth you can encode your username and password string with base64 and set the Authorization header with that value. I am posting my answer because I took one day to figure out how to post attachments with same field name and finally unirest gave me a solution.
