TokenError: Code is invalid or expired

Question

TokenError: Code is invalid or expired

xonarin opened this issue a year ago · comments

xonarin commented a year ago

Hello.

I use authorization method - https://www.passportjs.org/packages/passport-vkontakte/

And authorization works for me, but sometimes an error pops up and the application crashes.

What could be the problem? Here is the code.


app.get(
    '/auth/vk',
    (_0, res, next) => {
        const now = Date.now();

        if (now - lastVkAuth < 1000) {
            res.redirect('/');
        } else {
            lastVkAuth = Date.now();
            next();
        }
    },
    passport.authenticate('vkontakte', {
        failureRedirect: '/',
        session: false,
    }),
);

app.get(
    '/auth/vk/return',
    passport.authenticate('vkontakte', {
        failureRedirect: '/',
        session: false,
    }),
    async (req, res) => {
        if (req.user && req.authInfo) {
            const expiresIn = 60 * 60 * 24 * 180; // 180 days
            const token = jwt.sign(req.user, config.auth.jwt.secret, { expiresIn });
            res.cookie(config.auth.tokenKey, token, { maxAge: 1000 * expiresIn });

            // Set referrer if it is define in cookies
            const { refId } = req.cookies;
            if (refId && req.authInfo.isRegistered) {
                await repositories.users.setReferrer(req.user.id, refId);
                res.clearCookie('refId');
            }
        }
        res.redirect('/');
    },
);

Error screen - https://ibb.co/mJB1JsY

xonarin · Answer 1 · Tue Mar 21 2023 06:01:09 GMT+0800 (China Standard Time)

How to handle TokenError ?

Passing err to the argument and the if(err) condition didn't help anywhere.

Yashar Fakhari · Answer 2 · Sat Jul 22 2023 05:47:57 GMT+0800 (China Standard Time)

It sounds like your token is just expiring. You would need to refresh it with something like passport-oauth2-refresh.