Join GitHub today
GitHub is home to over 31 million developers working together to host and review code, manage projects, and build software together.Sign up
Non-standard header structure #361
Steps to reproduce
Feathers is not using the recommended format for JWT authorization headers.
This does not break feathers, as it is consistently wrong in both the server and client implementations.
The feathers-authentication-client library has an undocumented option to supply a prefix to the chosen header, but no such option exists on the server.
The recommended JWT header is in the following form:
Feathers uses the following format:
Tell us about the applicable parts of your setup.
Module versions (especially the part that's not working):
React Native Version:
The websocket implementation was working fine, but when I tried to test my access token with curl I always received a bad-request error for missing credentials.
@timelesshaze by default it doesn't accept Bearer. We are using passport-jwt under the hood so you can customize the format of your header and where your JWT is parsed from by setting
If you want to add a PR for a custom strategy that would accept both of those formats it would be welcome