json web token authentication using passport

passport.js

const passport = require('passport');
const JwtStrategy = require('passport-jwt').Strategy;
const ExtractJwt = require('passport-jwt').ExtractJwt;
const mongoose = require('mongoose');

const User = mongoose.model('users');
const jwtOptions = {
  jwtFromRequest: ExtractJwt.fromHeader('Authorization'),
  secretOrKey: process.env.SECRET_KEY
};

console.log("jwtOptions", jwtOptions);

const jwtLogin = new JwtStrategy(jwtOptions, function(payload, done) {
  // If id in payload exists in DB
  // call done with that user
  // if not, call done without a userobject
  console.log("The payload is:: ",jwtOptions,  payload);
  debugger;
  User.findById(payload)
    .then((user) => {
      console.log(`User is ${user}`);
      // if (err) return done(err, false);
      if (!user)
        return done(null, false);
      return done(null, user);
    })
    .catch((err) => {
      console.log(`Error is ${err}`);
      done(err, false);
    })
});

// Tell passport to use this strategy
passport.use(jwtLogin);

router.js

const passport = require('passport');

require('./services/passport');
const requireAuth = passport.authenticate('jwt', { session: false });


module.exports = (app) => {
  app.route('/')
    .get(function(req, res) {
      res.json({msg:'hello'});
    });

  app.route('/protected')
    .get(function(req, res, next) {
      debugger;
      next(); 
    }, requireAuth, function(req, res) {
      res.json({ msg: 'Protected roue'});
    })
}