Giters

auth0 / express-jwt

connect/express middleware that validates a JsonWebToken (JWT) and set the req.user with the attributes

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Express-JWT 7.x Typescript+Express Typing issues

dfellis opened this issue · comments

commented

Description

I have followed the type overriding to integrate express-jwt and jwks-rsa but the Typescript Express instructions do not work for me.

When I use the provided Request type from express-jwt, I receive the following error from the Typescript compiler:

src/router/db.ts:66:20 - error TS2769: No overload matches this call.
  The last overload gave the following error.
    Argument of type '(req: Request, res: express.Response) => Promise<express.Response<any, Record<string, any>> | undefined>' is not assignable to parameter of type 'Application<Record<string, any>>'.
      Type '(req: Request, res: Response<any, Record<string, any>>) => Promise<Response<any, Record<string, any>> | undefined>' is missing the following properties from type 'Application<Record<string, any>>': init, defaultConfiguration, engine, set, and 61 more.

66 db.post('/export', async (req: Request, res: express.Response) => {
                      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

  node_modules/@types/express-serve-static-core/index.d.ts:174:5
    174     (path: PathParams, subApplication: Application): T;
            ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    The last overload is declared here.

Reproduction

I suspect it is due to the difference in how we attach express-jwt to our endpoints. As we apply it to nearly all endpoints in our application if auth is enabled by the user, we placed it in an express use function to be executed on all of our /v1/ endpoints. The complaint happens in a sub-Express object that has been converted, in this case a POST endpoint on /v1/db/export.

I expect that the req variable is still being mutated correctly in v7.x, but the type is getting erased and returned back to the standard express.Request type. The @types/express-jwt package for 6.x simply mutates the global type space for Express adding an interface also named Request that contains an optional user property of an opaque User interface type.

This may be a solution here, or it may be too heavy-handed for you, but I wanted to bring it up if you can't find a proper solution to the apparent type erasure problem.

Environment

Please provide the following:

  • Version of this library used: express-jwt@7.7.5
  • Version of the platform or framework used, if applicable: Node v16.15.0, Express v4.18.1, Typescript v4.7.3
  • Other relevant versions (language, server software, OS, browser): Reproducible across multiple OSes, but I am on Ubuntu 22.04.
  • Other modules/plugins/libraries that might be involved: I am pretty sure I covered them all above.
commented

We didn't want to polute the Request object globally in this release as this also generates some problems.

I am not sure what's the definition of your db.post or where does this comes from. Maybe if you give me more details about this I can propose other solutions.

If it is fine for you, you can extend express Request globally in your project.

Another option is to cast the object to expressJwt.Request as in const auth = (req as expressJwt.Request).auth instead of changing the signature of the handler