diff --git a/lib/index.js b/lib/index.js
index 37405fd..48da0bd 100644
--- a/lib/index.js
+++ b/lib/index.js
@@ -27,9 +27,8 @@ function noQsMethod(options) {
 if(options.required){
 clearTimeout(auth_timeout);
 }
- jwt.verify(data.token, options.secret, options, function(err, decoded) {
- // error handler
- var onError = function(err, code) {
+ // error handler
+ var onError = function(err, code) {
 if (err) {
 code = code || 'unknown';
 var error = new UnauthorizedError(code, {
@@ -40,7 +39,13 @@ function noQsMethod(options) {
 });
 return; // stop logic, socket will be close on next tick
 }
- };
+ };
+
+ if(typeof data.token !== "string") {
+ return onError({message: 'invalid token datatype'}, 'invalid_token');
+ }
+
+ jwt.verify(data.token, options.secret, options, function(err, decoded) {
 if (err) {
 return onError(err, 'invalid_token');
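Review bot: The new guard `if(typeof data.token !== "string")` in the second hunk still dereferences `data` itself, so a payload that is missing or `null` would raise a TypeError before `onError` is reached, the same crash-on-malformed-input class this check is meant to close. Where `data` comes from is outside the hunk, so this assumes it is the raw client payload. Checking the container first covers it: `if(!data || typeof data.token !== "string") {`. The guard also hands `onError` a plain `{message: ...}` object while the verify callback hands it the library's error; if anything downstream inspects `err.name` or uses `instanceof Error`, passing `new Error('invalid token datatype')` would keep the two paths uniform. The body of `noQsMethod` starts and ends outside both hunks.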