-
Notifications
You must be signed in to change notification settings - Fork 120
Conversation
Channel socket auth through the token service instead of calling app.authenticate manually. This also makes it so the client has to provide a strategy explicitly, and removes the strategy iteration from `passport/authenticate.js`. Also updates tests.
I’ve added a couple of debugger statements here and have set up the tests so that the failing test is the only one running. For some reason the debuggers never get hit. I have yet to find the cause.
src/socket/handler.js
Outdated
params: {}, | ||
body, | ||
provider: 'socketio', | ||
// body: data, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Needs to be removed?
test/integration/rest.test.js
Outdated
@@ -441,7 +441,7 @@ describe('REST authentication', function () { | |||
}); | |||
|
|||
describe('when authentication succeeds', () => { | |||
it('emits login event', done => { | |||
it.only('emits login event', done => { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is the failing test. Well, one of two that are failing for what looks like the same cause.
src/express/authenticate.js
Outdated
@@ -11,6 +11,7 @@ export default function authenticate (strategy, options = {}) { | |||
|
|||
return function (req, res, next) { | |||
// If we are already authenticated skip | |||
debugger; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This debugger
never gets hit.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Pretty minor stuff. Just removing some commented out code and updating the strategyName
assignment.
src/hooks/authenticate.js
Outdated
if (!strategy) { | ||
return Promise.reject(new errors.GeneralError(`You must provide an authentication 'strategy'`)); | ||
} | ||
|
||
// NOTE (EK): Bring this in when we decide to make the strategy required by the client |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We can remove this note. strategy
is required now.
src/passport/authenticate.js
Outdated
@@ -21,10 +21,21 @@ export default function authenticate (options = {}) { | |||
// Allow you to set a location for the success payload. | |||
// Default is hook.params.user, req.user and socket.user. | |||
const entity = strategyOptions.entity || strategyOptions.assignProperty || options.entity; | |||
let failures = []; | |||
let strategies; | |||
let strategyName = request.body && request.body.strategy; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This should probably be:
request.body = request.body || {};
let stategyName = request.body.strategy;
src/socket/handler.js
Outdated
const error = new Error(`Your '${strategy}' authentication strategy is not registered with passport.`); | ||
return callback(normalizeError(error)); | ||
} | ||
// if (!strategy) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This can be removed.
src/socket/handler.js
Outdated
return Promise.resolve(result.data); | ||
} | ||
// if (!app.passport._strategy(strategy)) { | ||
// const error = new Error(`Your '${strategy}' authentication strategy is not registered with passport.`); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This can also be removed
src/socket/handler.js
Outdated
// Now that we are authenticated create our JWT access token | ||
const params = Object.assign({ authenticated: true }, result); | ||
return service.create(result, params).then(tokens => { | ||
// const promise = app.authenticate(strategy, strategyOptions)(socket._feathers) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This can be removed
Closes #455, #448, and #432
This change channels socket auth through the token service instead of calling app.authenticate manually before hitting the token service.
This also makes it so the client has to provide a strategy explicitly, and removes the strategy iteration from
passport/authenticate.js
.Also updates tests.