1.) Be sure to check what System.out.println("Generated JWT token: " + jwt) in your backend returns

2.) In your frontend, can you place console.log("Token set:", jwt) before the setToken(jwt) function and see what it logs?

3.) I am sure the token expected to be passed in the headers in authenticated requests is supposed to be a string type. Be sure what is being logged in number 2 above are strings. Otherwise, extract the token from the object in the frontend and send to your setToken(jwt) function.

4.) After the user logs in, check the value of the token in the localStorage to be sure it's a string. Otherwise, something is wrong in either step 1 or 2.

5.) On a final note, using typescript would help to catch bugs of this nature.