Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Get user outside a service #261

Closed
bertho-zero opened this Issue Aug 4, 2016 · 11 comments

Comments

Projects
None yet
4 participants
@bertho-zero
Copy link
Contributor

bertho-zero commented Aug 4, 2016

How to get current connected user outside a service ?

I have this code :

app.configure(hooks())
  .configure(rest())
  .configure(socketio())
  .use(actionsHandler)
  .configure(services)
  .configure(middleware);

And in my actionsHandler after login req.feathers = only { provider: 'rest' } and req.isAuthenticated() = false

My auth config is the following:

{
  auth: {
    idField: 'id'
  }
}

And I connect like this:

    app.authenticate({
      type: 'local',
      email: data.email,
      password: data.password
    }).then(result => {
      console.log(app.get('token')); // -> the JWT
      console.log(app.get('user')); // -> the user

      return result;
    })

ps: The cookie is never after login

@daffl

This comment has been minimized.

Copy link
Member

daffl commented Aug 4, 2016

I am not sure what you mean? app.get('user') on the client seems to do what you are asking right?

On the server for each method call the user that makes it is stored in params.user (when the authentication hooks are set).

@bertho-zero

This comment has been minimized.

Copy link
Contributor Author

bertho-zero commented Aug 4, 2016

I have 2 parts, one with feathers and another before that manages other actions (not REST), and I wish I could have access to the user connected when I am not in service and I do not have access to the hooks.

After login I have the current user, my goal is to be able to recover after a refresh of the page and the server side rendering which is enabled

@daffl

This comment has been minimized.

Copy link
Member

daffl commented Aug 4, 2016

This will be possible in the next version but for now you should be able to use the decode-token and populate-user Express middleware from that version.

@bertho-zero

This comment has been minimized.

Copy link
Contributor Author

bertho-zero commented Aug 5, 2016

I saw decode-token Express middleware but I don't have req.feathers.token, so I also looked in token-parser and set-cookie middleware and I had not seen the option cookie.enable, I try it as soon as possible and put my back here

@marshallswain

This comment has been minimized.

Copy link
Member

marshallswain commented Aug 5, 2016

@bertho-zero, If you're feeling brave, you can also try installing the pre-release version of feathers-authentication@0.8.0 from npm and check out the example folder in the 0.8.0 branch to see how to implement it.

@bertho-zero

This comment has been minimized.

Copy link
Contributor Author

bertho-zero commented Aug 9, 2016

It works well in real-time but not in rest, I don't understand..

I have :

app.authenticate({
      type: 'local',
      email: data.email,
      password: data.password
    }).then(result => {
      console.log(app.get('token')); // -> the JWT
      console.log(app.get('user')); // -> the user

      return result;
    })

and both console.log write null.

I continued to seek the cause

edit: This is my log (feathers-*) when try to login in rest

[2] Tue, 09 Aug 2016 20:43:29 GMT feathers-authentication:expose-request-response Exposing request and response objects to Feathers
[2] Tue, 09 Aug 2016 20:43:29 GMT feathers-authentication:token-parser Parsing token
[2] undefined
[2] Tue, 09 Aug 2016 20:43:29 GMT feathers-authentication:populate-user Attempting to populate user
[2] Tue, 09 Aug 2016 20:43:29 GMT feathers-authentication:local Checking credentials
[2] Tue, 09 Aug 2016 20:43:29 GMT feathers-authentication:local User found
[2] Tue, 09 Aug 2016 20:43:29 GMT feathers-authentication:local Verifying password
[2] Tue, 09 Aug 2016 20:43:29 GMT feathers-authentication:local Password correct
[2] Tue, 09 Aug 2016 20:43:29 GMT feathers-authentication:local User authenticated via local authentication
[2] Tue, 09 Aug 2016 20:43:29 GMT feathers-authentication:token Creating JWT using options: { algorithm: 'HS256',
[2]   expiresIn: '1d',
[2]   notBefore: undefined,
[2]   audience: undefined,
[2]   issuer: 'feathers',
[2]   jwtid: undefined,
[2]   subject: 'auth',
[2]   noTimestamp: undefined,
[2]   header: undefined }
[2] Tue, 09 Aug 2016 20:43:29 GMT feathers-authentication:token New JWT issued with payload { id: 35 }
[2] Tue, 09 Aug 2016 20:43:29 GMT feathers-socket-commons:events Dispatching 1 event filters for 'created' event
[2] Tue, 09 Aug 2016 20:43:29 GMT feathers-socket-commons:events Not sending any data for auth/token created
[2] Tue, 09 Aug 2016 20:43:29 GMT feathers-socket-commons:events Dispatching 1 event filters for 'created' event
[2] Tue, 09 Aug 2016 20:43:29 GMT feathers-socket-commons:events Not sending any data for auth/local created
[2] POST /auth/local 302 233.415 ms - 0
[2] Tue, 09 Aug 2016 20:43:29 GMT feathers-authentication:expose-request-response Exposing request and response objects to Feathers
[2] Tue, 09 Aug 2016 20:43:29 GMT feathers-authentication:token-parser Parsing token
[2] undefined
[2] Tue, 09 Aug 2016 20:43:29 GMT feathers-authentication:populate-user Attempting to populate user
[2] GET /auth/load 200 1.896 ms - 26
@bertho-zero

This comment has been minimized.

Copy link
Contributor Author

bertho-zero commented Aug 9, 2016

I solved the problem with the following authentication config :

...
local: {
  successHandler: authConfig => (req, res, next) => next
}
...

Otherwise I lose the user and the token during the redirect, this is maybe due to node-http-proxy, then I set the cookie with js-cookie in client side for remember session after page refresh, I tested this:

cookies: {
  enable: true,
  'feathers-jwt': {
    maxAge: 60 * 60 * 24 * 1000 // One day
  }
}

edit: I had not seen, cookies are not sending in XHR request, I just left enable: true

@bertho-zero

This comment has been minimized.

Copy link
Contributor Author

bertho-zero commented Aug 10, 2016

@bertho-zero

This comment has been minimized.

Copy link
Contributor Author

bertho-zero commented Aug 22, 2016

I can connect, edit a client-side cookie and remain connected to refresh the page, but the socket that reconnects, he is not identified with the user.

Would you know how to reconnect the socket to the current user with token?

@marshallswain

This comment has been minimized.

Copy link
Member

marshallswain commented Aug 22, 2016

@bertho-zero I think this is what you need: #272 (comment)

@bertho-zero

This comment has been minimized.

Copy link
Contributor Author

bertho-zero commented Aug 23, 2016

Thanks, what I would like is not on a basic connection but a new connection after refresh the page.

I tried the same thing at on.('connect', ...) in vain, I've the following log in client:

socket.io-client:manager writing packet {"type":2,"data":["authenticate",{"type":"token","token":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MSwiaWF0IjoxNDcxOTY3NTg4LCJleHAiOjE0NzIwNTM5ODgsImlzcyI6ImZlYXRoZXJzIiwic3ViIjoiYXV0aCJ9.EqkOQp5W62d1hHv7jRvlW1BICiA5UvQ91AfRiynhTw4"}],"options":{"compress":true},"nsp":"/"} +10ms
socket.io-parser encoding packet {"type":2,"data":["authenticate",{"type":"token","token":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MSwiaWF0IjoxNDcxOTY3NTg4LCJleHAiOjE0NzIwNTM5ODgsImlzcyI6ImZlYXRoZXJzIiwic3ViIjoiYXV0aCJ9.EqkOQp5W62d1hHv7jRvlW1BICiA5UvQ91AfRiynhTw4"}],"options":{"compress":true},"nsp":"/"} +1ms
socket.io-parser encoded {"type":2,"data":["authenticate",{"type":"token","token":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MSwiaWF0IjoxNDcxOTY3NTg4LCJleHAiOjE0NzIwNTM5ODgsImlzcyI6ImZlYXRoZXJzIiwic3ViIjoiYXV0aCJ9.EqkOQp5W62d1hHv7jRvlW1BICiA5UvQ91AfRiynhTw4"}],"options":{"compress":true},"nsp":"/"} as 2["authenticate",{"type":"token","token":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MSwiaWF0IjoxNDcxOTY3NTg4LCJleHAiOjE0NzIwNTM5ODgsImlzcyI6ImZlYXRoZXJzIiwic3ViIjoiYXV0aCJ9.EqkOQp5W62d1hHv7jRvlW1BICiA5UvQ91AfRiynhTw4"}] +1ms
...
engine.io-client:socket socket receive: type "message", data "20["unauthorized",{}]" +11ms
socket.io-parser decoded 20["unauthorized",{}] as {"type":2,"nsp":"/","id":0,"data":["unauthorized",{}]} +1ms
socket.io-client:socket emitting event ["unauthorized",{}] +1ms

Yet this is the same token for the http connection when retrieve the page, I do this in the client:

socket.on('connect', () => {
  app.authenticate();
});

And I've the following configuration:

auth: {
  user: {
    idField: 'id'
  },
  local: {
    successHandler: () => (req, res, next) => next // for login with rest provider, jump redirection
  },
  token: {
    secret: 'super secret'
  },
  cookies: {
    enable: true
  }
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.