Get user outside a service

[bertho-zero]

How to get current connected user outside a service ?

I have this code :

app.configure(hooks())
  .configure(rest())
  .configure(socketio())
  .use(actionsHandler)
  .configure(services)
  .configure(middleware);

And in my actionsHandler after login req.feathers = only { provider: 'rest' } and req.isAuthenticated() = false

My auth config is the following:

{
  auth: {
    idField: 'id'
  }
}

And I connect like this:

    app.authenticate({
      type: 'local',
      email: data.email,
      password: data.password
    }).then(result => {
      console.log(app.get('token')); // -> the JWT
      console.log(app.get('user')); // -> the user

      return result;
    })

ps: The cookie is never after login

[daffl]

I am not sure what you mean? app.get('user') on the client seems to do what you are asking right?

On the server for each method call the user that makes it is stored in params.user (when the authentication hooks are set).

[bertho-zero]

I have 2 parts, one with feathers and another before that manages other actions (not REST), and I wish I could have access to the user connected when I am not in service and I do not have access to the hooks.

After login I have the current user, my goal is to be able to recover after a refresh of the page and the server side rendering which is enabled

[daffl]

This will be possible in the next version but for now you should be able to use the decode-token and populate-user Express middleware from that version.

[bertho-zero]

I saw decode-token Express middleware but I don't have req.feathers.token, so I also looked in token-parser and set-cookie middleware and I had not seen the option cookie.enable, I try it as soon as possible and put my back here

[marshallswain]

@bertho-zero, If you're feeling brave, you can also try installing the pre-release version of feathers-authentication@0.8.0 from npm and check out the example folder in the 0.8.0 branch to see how to implement it.

[bertho-zero]

It works well in real-time but not in rest, I don't understand..

I have :

app.authenticate({
      type: 'local',
      email: data.email,
      password: data.password
    }).then(result => {
      console.log(app.get('token')); // -> the JWT
      console.log(app.get('user')); // -> the user

      return result;
    })

and both console.log write null.

I continued to seek the cause

edit: This is my log (feathers-*) when try to login in rest

[2] Tue, 09 Aug 2016 20:43:29 GMT feathers-authentication:expose-request-response Exposing request and response objects to Feathers
[2] Tue, 09 Aug 2016 20:43:29 GMT feathers-authentication:token-parser Parsing token
[2] undefined
[2] Tue, 09 Aug 2016 20:43:29 GMT feathers-authentication:populate-user Attempting to populate user
[2] Tue, 09 Aug 2016 20:43:29 GMT feathers-authentication:local Checking credentials
[2] Tue, 09 Aug 2016 20:43:29 GMT feathers-authentication:local User found
[2] Tue, 09 Aug 2016 20:43:29 GMT feathers-authentication:local Verifying password
[2] Tue, 09 Aug 2016 20:43:29 GMT feathers-authentication:local Password correct
[2] Tue, 09 Aug 2016 20:43:29 GMT feathers-authentication:local User authenticated via local authentication
[2] Tue, 09 Aug 2016 20:43:29 GMT feathers-authentication:token Creating JWT using options: { algorithm: 'HS256',
[2]   expiresIn: '1d',
[2]   notBefore: undefined,
[2]   audience: undefined,
[2]   issuer: 'feathers',
[2]   jwtid: undefined,
[2]   subject: 'auth',
[2]   noTimestamp: undefined,
[2]   header: undefined }
[2] Tue, 09 Aug 2016 20:43:29 GMT feathers-authentication:token New JWT issued with payload { id: 35 }
[2] Tue, 09 Aug 2016 20:43:29 GMT feathers-socket-commons:events Dispatching 1 event filters for 'created' event
[2] Tue, 09 Aug 2016 20:43:29 GMT feathers-socket-commons:events Not sending any data for auth/token created
[2] Tue, 09 Aug 2016 20:43:29 GMT feathers-socket-commons:events Dispatching 1 event filters for 'created' event
[2] Tue, 09 Aug 2016 20:43:29 GMT feathers-socket-commons:events Not sending any data for auth/local created
[2] POST /auth/local 302 233.415 ms - 0
[2] Tue, 09 Aug 2016 20:43:29 GMT feathers-authentication:expose-request-response Exposing request and response objects to Feathers
[2] Tue, 09 Aug 2016 20:43:29 GMT feathers-authentication:token-parser Parsing token
[2] undefined
[2] Tue, 09 Aug 2016 20:43:29 GMT feathers-authentication:populate-user Attempting to populate user
[2] GET /auth/load 200 1.896 ms - 26

[bertho-zero]

I solved the problem with the following authentication config :

...
local: {
  successHandler: authConfig => (req, res, next) => next
}
...

Otherwise I lose the user and the token during the redirect, this is maybe due to node-http-proxy, then I set the cookie with js-cookie in client side for remember session after page refresh, I tested this:

cookies: {
  enable: true,
  'feathers-jwt': {
    maxAge: 60 * 60 * 24 * 1000 // One day
  }
}

edit: I had not seen, cookies are not sending in XHR request, I just left enable: true

[bertho-zero]

I use it in this repo: https://github.com/bertho-zero/react-redux-universal-hot-example/

[bertho-zero]

I can connect, edit a client-side cookie and remain connected to refresh the page, but the socket that reconnects, he is not identified with the user.

Would you know how to reconnect the socket to the current user with token?

[marshallswain]

@bertho-zero I think this is what you need: #272 (comment)

[bertho-zero]

Thanks, what I would like is not on a basic connection but a new connection after refresh the page.

I tried the same thing at on.('connect', ...) in vain, I've the following log in client:

socket.io-client:manager writing packet {"type":2,"data":["authenticate",{"type":"token","token":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MSwiaWF0IjoxNDcxOTY3NTg4LCJleHAiOjE0NzIwNTM5ODgsImlzcyI6ImZlYXRoZXJzIiwic3ViIjoiYXV0aCJ9.EqkOQp5W62d1hHv7jRvlW1BICiA5UvQ91AfRiynhTw4"}],"options":{"compress":true},"nsp":"/"} +10ms
socket.io-parser encoding packet {"type":2,"data":["authenticate",{"type":"token","token":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MSwiaWF0IjoxNDcxOTY3NTg4LCJleHAiOjE0NzIwNTM5ODgsImlzcyI6ImZlYXRoZXJzIiwic3ViIjoiYXV0aCJ9.EqkOQp5W62d1hHv7jRvlW1BICiA5UvQ91AfRiynhTw4"}],"options":{"compress":true},"nsp":"/"} +1ms
socket.io-parser encoded {"type":2,"data":["authenticate",{"type":"token","token":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MSwiaWF0IjoxNDcxOTY3NTg4LCJleHAiOjE0NzIwNTM5ODgsImlzcyI6ImZlYXRoZXJzIiwic3ViIjoiYXV0aCJ9.EqkOQp5W62d1hHv7jRvlW1BICiA5UvQ91AfRiynhTw4"}],"options":{"compress":true},"nsp":"/"} as 2["authenticate",{"type":"token","token":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MSwiaWF0IjoxNDcxOTY3NTg4LCJleHAiOjE0NzIwNTM5ODgsImlzcyI6ImZlYXRoZXJzIiwic3ViIjoiYXV0aCJ9.EqkOQp5W62d1hHv7jRvlW1BICiA5UvQ91AfRiynhTw4"}] +1ms
...
engine.io-client:socket socket receive: type "message", data "20["unauthorized",{}]" +11ms
socket.io-parser decoded 20["unauthorized",{}] as {"type":2,"nsp":"/","id":0,"data":["unauthorized",{}]} +1ms
socket.io-client:socket emitting event ["unauthorized",{}] +1ms

Yet this is the same token for the http connection when retrieve the page, I do this in the client:

socket.on('connect', () => {
  app.authenticate();
});

And I've the following configuration:

auth: {
  user: {
    idField: 'id'
  },
  local: {
    successHandler: () => (req, res, next) => next // for login with rest provider, jump redirection
  },
  token: {
    secret: 'super secret'
  },
  cookies: {
    enable: true
  }
}