1 reply

Using jwt for changing passwords

We're trying to get jwts to work with our app, and while I can get the jwt to be generated and passed to the client.
But I'm getting 401 Unauthorized when I'm trying to use it to make any operations, such as changing the password.

The docs mention that I should use the Bearer plugin, which I did

This plugin is not meant as a replacement for the session. It's meant to be used for services that require JWT tokens. If you're looking to use JWT tokens for authentication, check out the Bearer Plugin.

E.g. sequence of api calls

$ curl -c /tmp/cookies -v -X POST localhost:8888/api/auth/sign-in/email --json '{"email": "mi-email@example.CoM", "password": "helloWorld123"}'

$ token=$(curl -v -b /tmp/cookies localhost:8888/api/auth/token | jq -r '.token')
curl -v -H "Authorization: Bearer $token" localhost:8888/api/auth/change-password --json '{"newPassword":"helloworlds", "currentPassword": "helloWorld123"}'

$ curl -c /tmp/cookies -v -X POST localhost:8888/api/auth/sign-in/email --json '{"email": "mi-email@example.CoM", "password": "helloWorld123"}'

$ token=$(curl -v -b /tmp/cookies localhost:8888/api/auth/token | jq -r '.token')
curl -v -H "Authorization: Bearer $token" localhost:8888/api/auth/change-password --json '{"newPassword":"helloworlds", "currentPassword": "helloWorld123"}'

How can I get the jwt working?

JWT | Better Auth

Authenticate users with JWT tokens in services that can't use the session

Better Auth•4mo ago•

1 reply

momoneko

Using jwt for changing passwords

This plugin is not meant as a replacement for the session. It's meant to be used for services that require JWT tokens. If you're looking to use JWT tokens for authentication, check out the Bearer Plugin.

E.g. sequence of api calls

$ curl -c /tmp/cookies -v -X POST localhost:8888/api/auth/sign-in/email --json '{"email": "mi-email@example.CoM", "password": "helloWorld123"}'

$ token=$(curl -v -b /tmp/cookies localhost:8888/api/auth/token | jq -r '.token')
curl -v -H "Authorization: Bearer $token" localhost:8888/api/auth/change-password --json '{"newPassword":"helloworlds", "currentPassword": "helloWorld123"}'

$ curl -c /tmp/cookies -v -X POST localhost:8888/api/auth/sign-in/email --json '{"email": "mi-email@example.CoM", "password": "helloWorld123"}'

$ token=$(curl -v -b /tmp/cookies localhost:8888/api/auth/token | jq -r '.token')
curl -v -H "Authorization: Bearer $token" localhost:8888/api/auth/change-password --json '{"newPassword":"helloworlds", "currentPassword": "helloWorld123"}'

How can I get the jwt working?

JWT | Better Auth

Authenticate users with JWT tokens in services that can't use the session

Using jwt for changing passwords

Similar Threads

Using jwt for changing passwords

Similar Threads

Similar Threads

Similar Threads