Unable to Fetch User Orders – Getting 401 (Unauthorized) Error

Advertisements

I am currently working on a React application where users can view their orders. I have implemented user authentication using JSON Web Tokens (JWT). However, when attempting to fetch the user’s orders, I am consistently getting a 401 (Unauthorized) error.

React components

// UserOrders.jsx

import React, { useState, useEffect } from 'react';
import { Link } from 'react-router-dom';
import { format } from 'date-fns';
import Cookies from 'js-cookie';

function UserOrders() {
  const [order, setOrder] = useState([]);

  useEffect(() => {
    const fetchOrder = async () => {
      try {
        const token = Cookies.get('token');
        if (!token) {
          console.error('No token found');
          return;
        }

        const response = await fetch('http://localhost:4000/api/v1/orders/me', {
          method: 'GET',
          headers: {
            'Content-Type': 'application/json',
            'Authorization': `Bearer ${token}`,
          },
        });

        if (response.ok) {
          const data = await response.json();
          console.log(data.order);
          setOrder(data.order);
        } else {
          console.error('Failed to fetch user orders');
        }
      } catch (error) {
        console.error('Error fetching user orders', error);
      }
    };

    fetchOrder();
  }, []);

  // ... rest of the component
}

export default UserOrders;

server side

// server.js

const orderRouter = require('express').Router();
const jwt = require('jsonwebtoken');

orderRouter.get("/me", isAuthenticated, async (req, res) => {
  const token = req.cookies.token;

  try {
    if (!token) {
      return res.status(401).send("Unauthorized: No token found");
    }

    const decodedToken = jwt.verify(token, 'your-secret-key');
    const userId = decodedToken.userId;

    const order = await Orders.find({ user: userId });
    res.json({ order });
  } catch (error) {
    res.status(401).send("Unauthorized: Invalid token");
  }
});

1.Check Token Existence
2.I’ve ensured that the token is being sent correctly in the Authorization header
3.On the server side, I’m decoding and verifying the token.

>Solution :

You’re sending the token as an Authorization header:

headers: {
  'Content-Type': 'application/json',
  'Authorization': `Bearer ${token}`,
}

But looking for it in the cookies:

const token = req.cookies.token;

Get it from the headers instead:

const token = req.headers.authorization;

(You may need to filter out the "Bearer " part of the value before validating the token, your debugging can confirm.)

Leave a ReplyCancel reply