Add support for Bearer scheme in remove method (#403)

src/service.js

@@ -27,7 +27,10 @@ class Service {
 
   remove (id, params) {
     const defaults = this.app.get('auth');
-    const accessToken = id !== null ? id : params.headers[defaults.header.toLowerCase()];
+    const authHeader = params.headers && params.headers[defaults.header.toLowerCase()];
+    const authParams = authHeader && authHeader.match(/(\S+)\s+(\S+)/);
+    const accessToken = id !== null ? id : authParams && authParams[2] || authHeader;
+
     // TODO (EK): return error if token is missing?
     return this.passport
       .verifyJWT(accessToken, merge(defaults, params))

test/service.test.js

@@ -124,5 +124,19 @@ describe('/authentication service', () => {
         expect(response).to.deep.equal({ accessToken });
       });
     });
+
+    it('verifies an accessToken in the header', () => {
+      const params = { headers: { authorization: accessToken } };
+      return app.service('authentication').remove(null, params).then(response => {
+        expect(response).to.deep.equal({ accessToken });
+      });
+    });
+
+    it('verifies an accessToken in the header with Bearer scheme', () => {
+      const params = { headers: { authorization: `Bearer ${accessToken}` } };
+      return app.service('authentication').remove(null, params).then(response => {
+        expect(response).to.deep.equal({ accessToken });
+      });
+    });
   });
 });