Decoded JWT is not being saved in req.user when verified

[JoeKolba]

[x] Bug

JWT Policy is validating the JWT correctly, however the user in req.user is not being created. I am running the latest version.

JWT: { "sub": "1234567890", "name": "John Doe", "admin": "true", }

gateway config: policies: - jwt: - action: secretOrPublicKey: secret checkCredentialExistence: false - proxy: - action: serviceEndpoint: endpoint

[vahid4mm]

I have the same problem, I don't know if it's a bug or not but can't figure it out.

[vahid4mm]

After hours of hair pulling, I found this link https://www.express-gateway.io/docs/policies/request-transformer/ it seems the req.user is not added by default and it's necessary to use request-transformer and add it to body or header as you wish. I really don't know if this is mentioned somewhere in the docs or not because I'm terrible at reading docs.

policies:
      -
        jwt:
          action:
            secretOrPublicKey: theKEY
            checkCredentialExistence: false
      -
        request-transformer:
          action:
            body:
              add:
                user: req.user

[XVincentX]

This is on purpose. Express Gateway will never touch your request body — if you need to forward it somehow you need effectively to use the request transformed to add is as an header or in the body — that is really up to you.

The issue here pointed out is different though — he's complaining that req.user is null — a totally different thing from what you're describing here.

[vahid4mm]

The fact that this is on purpose totally make sense. Actually everything about express gateway make sense. I'm sorry that I didn't understand the actual problem @deviant32 has mentioned (to be fair, the post doesn't talk about being null).