oscklm
oscklm5mo ago

[ConvexAuth]: ERROR Auth token is not a valid JWT, cannot refetch the token

Hey, I'm using ConvexAuth in app, and specifically, using the password-code from the convex auth demo repo, i'm able to successfully sign up and verify with my email code. And also able to login when using the password-code provider and flow signIn But upon being signed in, i get the following error: ERROR Auth token is not a valid JWT, cannot refetch the token convex/auth.ts
import { Password } from '@convex-dev/auth/providers/Password';
import { convexAuth } from '@convex-dev/auth/server';
import { ResendOTPPasswordReset } from '../resend/PasswordReset/ResendOTPPasswordReset';
import { ResendOTP } from '../resend/ResendOTP';

export const { auth, signIn, signOut, store } = convexAuth({
providers: [
Password({
id: 'password-code',
reset: ResendOTPPasswordReset,
verify: ResendOTP,
}),
],
callbacks: {
async afterUserCreatedOrUpdated(ctx, { userId }) {
if (!userId) return;
await ctx.db.patch(userId, {
role: 'user',
});
},
},
session: {
totalDurationMs: 1000 * 60 * 60 * 24 * 30, // 90 days
inactiveDurationMs: 1000 * 60 * 60 * 24 * 7, // 7 days
},
});
import { Password } from '@convex-dev/auth/providers/Password';
import { convexAuth } from '@convex-dev/auth/server';
import { ResendOTPPasswordReset } from '../resend/PasswordReset/ResendOTPPasswordReset';
import { ResendOTP } from '../resend/ResendOTP';

export const { auth, signIn, signOut, store } = convexAuth({
providers: [
Password({
id: 'password-code',
reset: ResendOTPPasswordReset,
verify: ResendOTP,
}),
],
callbacks: {
async afterUserCreatedOrUpdated(ctx, { userId }) {
if (!userId) return;
await ctx.db.patch(userId, {
role: 'user',
});
},
},
session: {
totalDurationMs: 1000 * 60 * 60 * 24 * 30, // 90 days
inactiveDurationMs: 1000 * 60 * 60 * 24 * 7, // 7 days
},
});
SignInScreen.tsx
export const SignInScreen = () => {
//...
const { signIn } = useAuthActions();

const handleLogin = async (values: SignInFormValues) => {
try {
await signIn('password-code', {
flow: 'signIn',
email: values.email,
password: values.password,
});
router.back();
} catch (error) {
console.log(error);
}
};

//...
};
export const SignInScreen = () => {
//...
const { signIn } = useAuthActions();

const handleLogin = async (values: SignInFormValues) => {
try {
await signIn('password-code', {
flow: 'signIn',
email: values.email,
password: values.password,
});
router.back();
} catch (error) {
console.log(error);
}
};

//...
};
1 Reply
oscklm
oscklmOP5mo ago
When trying to verify the JWT token that gets stored in SecureStore through the ConvexAuthProvider after authentication, with jwt.io debug tool. I'm getting told it's an invalid signature, looks fine though looking at it: The payload looks legit though:
{
"sub": "r97905c5cj00xyzc84btewpedx6ybwzc|qx736sz906dtqnmp87xb2fdfbd6yba30",
"iat": 1722972985,
"iss": "https://*****************.convex.site",
"aud": "convex",
"exp": 1722976585
}
{
"sub": "r97905c5cj00xyzc84btewpedx6ybwzc|qx736sz906dtqnmp87xb2fdfbd6yba30",
"iat": 1722972985,
"iss": "https://*****************.convex.site",
"aud": "convex",
"exp": 1722976585
}
Have also attempted generating new JWKS and JWT_PRIVATE_KEY using the generateKeys.mjs script and setting them on the dev deployment That didn't change anything unfortunately ✅ Removing yarn.lock, and node_modules, did the trick here. Maybe some package related to the JWT verification had a wrong version or something, would be my guess

Did you find this page helpful?