Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Unable to authenticate requests when using vanilla Socket.IO #166

Closed
Arania opened this Issue Apr 19, 2016 · 10 comments

Comments

Projects
None yet
4 participants
@Arania
Copy link

Arania commented Apr 19, 2016

Hello,

I’m trying to use Feathers with a native Android app. The code below is JS code (To make sure it is possible)
I was able to authenticate to Feathers by emitting Socket.IO "authenticate" event using the code below. The token is logged to the console.

socket.on('connect', function(){
  socket.emit('authenticate', { email: ‘user@name.com', password: ‘password' });
});
​
socket.on('authenticated', function(token){
  console.log(token);
});

From the docs

After a socket is connected an authenticate event needs to be emitted from the client to initiate the socket authentication. The data passed with it can either be an email and password, a JWT or OAuth access tokens. After successful authentication an authenticated event is emitted from the server and just like with REST you get back a JWT and the current user. From then on you are now using an authenticated socket until that socket is disconnected, the token expires, or you log out.

This means that any subsequent events I emit from the client will be authenticated. I tried this

$('#send-message').on('submit', function(ev) {
  // This is the message text input field
  const input = $(this).find('[name="text"]');
​
  // Create a new message and then clear the input field
  socket.emit('messages::create', {
    "text": input.val()
  }, (error, message) => {
    console.log(error);
    console.log('Message created', message);
  });
  input.val('');
​
  ev.preventDefault();
});

But the code above doesn't work and returns the following error -
Object { name: "NotAuthenticated", message: "You are not authenticated.", code: 401, className: "not-authenticated", errors: Object }

What am I doing wrong?

Regards,
Arania

@ekryski

This comment has been minimized.

Copy link
Member

ekryski commented Apr 19, 2016

@Arania do you mean a React Native android app?

@Arania

This comment has been minimized.

Copy link
Author

Arania commented Apr 20, 2016

@ekryski
No, a native Java Android app. I will be using the socket.io java client

Regards,
Arania

@ekryski

This comment has been minimized.

Copy link
Member

ekryski commented Apr 20, 2016

@Arania ok, the code you posted is JavaScript not Java so I was confused and obviously Java doesn't behave the same way. Maybe I missed it and you are just trying to do it in JS first in the browser or something to see if it vanilla socket.io works?

The problem with your socket.io code is that on the client you need to first connect, then authenticate and then, using the authenticated socket, make requests to restricted endpoints. If you are trying to role your own stuff server side then you're going to need to implement a bunch of the stuff we have already done in the feathers-authentication module. In all honesty the reason we emphasize using feathers on the client rather than vanilla socket.io is because we worked out all the kinks already and you'll just be re-inventing the wheel.

If you are looking for native Android, @corymsmith has been working on a client that should be out soon. Might want to just wait for that 😉 . We've already solved these authentication problems.

I'm going to close this because it's not a problem with auth and a first cut of the Android client should be up within a couple weeks.

@ekryski ekryski closed this Apr 20, 2016

@ekryski

This comment has been minimized.

Copy link
Member

ekryski commented Apr 20, 2016

I'll add that, if anything, it's a lack of documentation on how to authenticate using socket.io, but again that's low priority for us because we encourage the use of the Feathers client libs and if need be you'll have to just look at the code. We'd basically just be pasting the code in the docs.

@Arania

This comment has been minimized.

Copy link
Author

Arania commented Apr 20, 2016

@ekryski
Thanks. My apologies if my original post was confusing. Yes, I'm first trying to test it using JavaScript Socket.IO client to ensure it's doable. Once I'm able to, I will just replicate it using the Socket.IO Java client.

I haven't made any changes to the server side (using the standard code from FeathersJS quick start code).

I'm not sure what you mean by -

The problem with your socket.io code is that on the client you need to first connect, then authenticate and then, using the authenticated socket, make requests to restricted endpoints.

How do I send requests using the authenticated socket? I'm already emitting an authenticate event on connect event.

Also, unfortunately I can't wait for the android client to be released as I'm trying to use Feathers for a small real-time project which I need to complete this week itself.

Regards,
Arania

@ekryski

This comment has been minimized.

Copy link
Member

ekryski commented Apr 21, 2016

@Arania I just pushed a fully working example of how to do auth over socket.io with and without the Feathers client. Hopefully that helps 😄

@Arania

This comment has been minimized.

Copy link
Author

Arania commented Apr 21, 2016

@ekryski Thanks a lot for this!!! You're awesome.

I also found I was facing the same issue as mentioned in this comment - feathersjs/feathers-chat#14 (comment)

After changing the idField to "_id" my code works.

Apparently, the generator doesn't set the field to _id for NeDB and MongoDB. I will try and send a fix for this issue.

Thanks a ton for your help. This is what makes the project so great!

Regards,
Arania

@ekryski

This comment has been minimized.

Copy link
Member

ekryski commented Apr 21, 2016

Sorry about that. If you upgrade to the latest generator version then that bug should be fixed.

@ThadeusAjayi

This comment has been minimized.

Copy link

ThadeusAjayi commented Oct 11, 2018

@Arania I just pushed a fully working example of how to do auth over socket.io with and without the Feathers client. Hopefully that helps 😄

@ekryski This link in the example no longer exists.

@daffl

This comment has been minimized.

Copy link
Member

daffl commented Oct 11, 2018

This is fully documented now in the Socket.io client API.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.