auth.hooks.authenticate(['jwt']) not adding user to params #545
Comments
That's odd. Looking at the code, it looks like they get merged in here: https://github.com/feathersjs/feathers-authentication/blob/master/src/hooks/authenticate.js#L55 Can you try using a debugger to track it down around that point? (it will have to be in the compiled version) |
@marshallswain This is what I get when I debug:
I am also debugging the |
@MHerszak do you have more logs? Do you see the user in the debug logs? What does your config look like? How are you setting up/registering authentication? All that would make it much easier to see what is going on. There are lots of moving parts with auth. |
Hi, @ekryski, I don't see a user but I see my accessToken in the header. My config file:
In terms of registering and sign in. I have a afterCreate hook and do this:
I just noticed Does that help? Thanks for your response! |
I have the same problem whilst running unit tests. My config is broadly the same as the OP. I create some dummy users in the before test hooks, and my tests fail due to the associateCurrentUser hook not finding the configured key (the error is actually just symptomatic of hook.params.user being an empty object). Test bootstrap code as follows:
Abridged test bootstrap code:
When I make the request in the test, the hook contains authenticated: true, and the code makes it past the hooks.authenticate('jwt') middleware call ok, but the user is not appended to the params. Looking through _lib/passport/authenticate.js, it appears as if the user payload is never returned from the strategy.success callback and merged into the request body, but I'm not sure why. Regular code execution seems fine, this only seems to manifest in tests in my case. |
Having the same issue in unit tests when doing authenticating through the |
Internal requests are not authenticated. Just pass the user you need as |
I have corrected my answer, I don't know whether you answered the original or the corrected one. But why when using the |
Internal calls on the server are allowed to do everything, why would you need to authenticate if you can just pass the user you need? |
I want to test authenticated requests, but I thought it would be easier to create the authorization token by calling the |
It seems that this affects libs as f |
I'm having an issue with getting the user to show up in |
I'm experiencing the same issue. I have a similar setup as mentioned by @minirobotdan (i.e., seed some users, log them in, then attach their JWT as an header. After some debugging, I tracked the issue down (documented below). It's starts with these lines. Here's the relevant extract: const id = payload[`${this.options.entity}Id`];
if (id === undefined) {
debug(`JWT payload does not contain ${this.options.entity}Id`);
return done(null, {}, payload);
}
debug(`Looking up ${this.options.entity} by id`, id); It's looking for This appears to be set in /* snip ... */
.then(entity => {
const id = entity[this.service.id];
const payload = { [`${this.options.entity}Id`]: id }; // <- this adds the user id.
done(null, entity, payload);
}) These lines are never hit in test ... because in my test code, I "authenticated" the fake user like so: app.service('/authentication')
.create({
strategy: 'local',
password: 'foo',
email: 'bar'
}).then(({ accessToken }) => { /* use access token */}) Somehow, while the authentication request does indeed generate an access token, it bypasses the bit in the authentication-local package that sets the The "fix" here is to switch this to simulate an actual request (I'm using supertest): request(app)
.post('/authentication')
.send({ /* authentication payload */
.then(res => { res.body.accessToken /* has jwt now */ }); Based on @daffl 's comment above, it sounds like this is expected behavior. So, perhaps the answer is to just go all the way and simulate a full login request rather than grabbing the application service and putting the JWT creation directly against the service. @daffle can you confirm that there's no other way to use internal call |
This has been fixed Feathers v4 authentication. Please see the migration guide for more information. Closing this issue in order to archive this repository. Related issues can be opened at the new code location in the Feathers main repository. |
Steps to reproduce
I am currently trying to access hooks.params.user on almost all my services on the server. I am using
auth.hooks.authenticate(['jwt'])
.Expected behavior
I expect a user to be attached to hook.params.
Actual behavior
Every time I access hook.params it seems to be empty.
System configuration
Module versions (especially the part that's not working):
NodeJS version:
The text was updated successfully, but these errors were encountered: