TypeError: jwt.sign is not a function

Question

I include the express, etc including:

var expressJwt = require('express-jwt'); //https://npmjs.org/package/express-jwt
var secret = 'this is the secret secret secret 12356';
var jwt = require('jsonwebtoken');  //https://npmjs.org/package/node-jsonwebtoken

then define my sequelize models and epilogue routes and place this here:

app.post('/authenticate', function (req, res) {
  //TODO validate req.body.username and req.body.password
  //if is invalid, return 401
  if (!(req.body.username === 'john.doe' && req.body.password === 'foobar')) {
    res.status(401).send('Wrong user or password');
    return;
  }

  var profile = {
    first_name: 'John',
    last_name: 'Doe',
    email: '[email protected]',
    id: 123
  };

  // We are sending the profile inside the token
  var token = jwt.sign(profile, secret, { expiresInMinutes: 60*5 });

  res.json({ token: token });
});

When I enter john.doe and foobar in a form, I get told by console that jwt.sign is not a function, even after an npm install.

Answer 1

jsonwebtoken is used only to validate/decode jwts on express.js requests.

If you need to sign requests you need to use node-jsonwebtoken:

https://github.com/auth0/node-jsonwebtoken

GH issue:

https://github.com/auth0/express-jwt/issues/48

here's a nice blogpost about what you are trying to do:

https://matoski.com/article/jwt-express-node-mongoose/