JWT for local auth. #390

Closed
muvhaus-sl opened this Issue Jan 3, 2017 · 9 comments

muvhaus-sl commented Jan 3, 2017

Hi,

I'm trying to make OAuth (Facebook) and Local authentication work. So far, I got OAuth to work as expected and the JWT I get on the client includes a UserID.

However, when trying to use Local, I always get a JWT, but with no userID, irrespective of whether the credentials are correct or not.
The JWT looks like:
{
aud:"my domain"
exp: 1483..........
iat: 1483...........
iss:"feathers"
sub:"anonymous"
}

Please let me know how I can explain myself better.

I'm using:
"feathers": "^2.0.3",
"feathers-authentication": "^1.0.2",
"feathers-authentication-client": "^0.1.6",
"feathers-authentication-jwt": "^0.3.1",
"feathers-authentication-local": "^0.3.2",
"feathers-authentication-oauth2": "^0.2.3",
"feathers-configuration": "^0.3.3",
"feathers-errors": "^2.5.0",
"feathers-hooks": "^1.7.1",
"feathers-permissions": "^0.1.1",
"feathers-rest": "^1.6.0",
"feathers-sequelize": "^1.4.0",
...
"passport": "^0.3.2",
"passport-facebook": "^2.1.1",
"passport-facebook-token": "^3.3.0",
"passport-google-oauth20": "^1.0.0",
"passport-google-token": "^0.1.2",
"passport-local": "^1.0.0",

Member

marshallswain commented Jan 3, 2017

Please post your auth config and the auth setup that you have in place on the server.

Author

muvhaus-sl commented Jan 3, 2017

Hi, this is what my auth setup + config looks like:
Please let me know if you need more info.

app.configure(auth({
"local":{},
"cookie": {
"enabled": true,
"name": "feathers-jwt",
"httpOnly": false,
"secure": false,
"domain": "my domain"
},
"jwt": {
"header": { "typ": "access" },
"audience": "my domain",
"subject": "anonymous",
"issuer": "feathers",
"algorithm": "HS256",
"expiresIn": "1d"
},
"session":false,
"secret": " there is a secret here...",
"facebook": {
"clientID": "my facebook app ID",
"clientSecret": "my facebook secret",
"scope": ["public_profile","email"],
"profileFields": ["id", "displayName", "email", "name", "cover", "picture"] //seems irrelevant
},
"google": {
"clientID": "your google client id",
"clientSecret": "your google client secret",
"scope": ["profile"]
}
}))
.configure(jwt())
.configure(local())
.configure(oauth2({
name: 'facebook', // if the name differs from your config key you need to pass your config options explicitly
Strategy: FacebookStrategy
}))
.configure(oauth2({
name: 'google', // if the name differs from your config key you need to pass your config options explicitly
Strategy: GoogleStrategy
}));

Contributor

bertho-zero commented Jan 3, 2017

app.configure( auth( {
  "local": {},
  "cookie": {
    "enabled": true,
    "name": "feathers-jwt",
    "httpOnly": false,
    "secure": false,
    "domain": "my domain"
  },
  "jwt": {
    "header": { "typ": "access" },
    "audience": "my domain",
    "subject": "anonymous",
    "issuer": "feathers",
    "algorithm": "HS256",
    "expiresIn": "1d"
  },
  "session": false,
  "secret": " there is a secret here...",
  "facebook": {
    "clientID": "my facebook app ID",
    "clientSecret": "my facebook secret",
    "scope": [ "public_profile", "email" ],
    "profileFields": [ "id", "displayName", "email", "name", "cover", "picture" ] //seems irrelevant
  },
  "google": {
    "clientID": "your google client id",
    "clientSecret": "your google client secret",
    "scope": [ "profile" ]
  }
} ) )
  .configure( jwt() )
  .configure( local() )
  .configure( oauth2( {
    name: 'facebook', // if the name differs from your config key you need to pass your config options explicitly
    Strategy: FacebookStrategy
  } ) )
  .configure( oauth2( {
    name: 'google', // if the name differs from your config key you need to pass your config options explicitly
    Strategy: GoogleStrategy
  } ) );

Author

muvhaus-sl commented Jan 3, 2017

Thank you Bertho-zero for the formatting, much appreciated.

Author

muvhaus-sl commented Jan 4, 2017

Am I doing something wrong and that's the cause of the issue?

Member

marshallswain commented Jan 4, 2017

@muvhaus-sl are you registering the authenticate hook on the authentication service?

Author

muvhaus-sl commented Jan 4, 2017

Thank you very much. I missed that simple, yet very important step.

Now, the only doubt I still have, given that I would like to support multiple types of authentication, do I need to list them like:

create: [
		  // You can chain multiple strategies
		  auth.hooks.authenticate(['jwt', 'local','facebook','google']),
		],

Or must I leave it as it is in the sample?

Member

marshallswain commented Jan 4, 2017

Yep, you got it right. List them in the strategies array. When you authenticate, make sure you include the strategy name and only the named strategy will run.

For example, with local auth, this will only run against the local strategy on the server.

app.authenticate({
  strategy: 'local',
  email: 'what@ever.com',
  password: '1234'
});

Author

muvhaus-sl commented Jan 4, 2017

Great!

Thank you very much for the help.

If you don't mind, have a look at the other issue I opened, I might have missed something or found a real issue.

@muvhaus-sl muvhaus-sl closed this Jan 4, 2017
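
An added example, not part of the original thread or of the Feathers code base: the token shown in the first post is correctly signed but carries `sub: "anonymous"` and no user id, so a consumer that checks only the signature would accept it. The Node.js sketch below verifies an HS256 token and rejects one that has no user id; the claim name `userId`, the secret and the sample tokens are assumptions constructed for illustration.

```javascript
// Added example, not from the thread. Assumed: claim name `userId`, all sample values.
const { createHmac, timingSafeEqual } = require('node:crypto');

const b64url = (s) => Buffer.from(s).toString('base64url');

// Build an HS256 token (used here only to construct sample input).
function signHS256(payload, secret) {
  const head = b64url(JSON.stringify({ alg: 'HS256', typ: 'access' }));
  const body = b64url(JSON.stringify(payload));
  const sig = createHmac('sha256', secret).update(`${head}.${body}`).digest('base64url');
  return `${head}.${body}.${sig}`;
}

// Verify signature and registered claims, then require an authenticated identity.
function checkAccessToken(token, secret, { audience, issuer, now = Date.now() / 1000 }) {
  const parts = token.split('.');
  if (parts.length !== 3) return { ok: false, reason: 'malformed' };
  const [head, body, sig] = parts;
  let header, claims;
  try {
    header = JSON.parse(Buffer.from(head, 'base64url').toString('utf8')) || {};
    claims = JSON.parse(Buffer.from(body, 'base64url').toString('utf8')) || {};
  } catch { return { ok: false, reason: 'malformed' }; }
  // Pin the algorithm instead of trusting whatever the header announces.
  if (header.alg !== 'HS256') return { ok: false, reason: 'unexpected alg' };
  const expected = createHmac('sha256', secret).update(`${head}.${body}`).digest();
  const given = Buffer.from(sig, 'base64url');
  if (given.length !== expected.length || !timingSafeEqual(given, expected)) {
    return { ok: false, reason: 'bad signature' };
  }
  if (typeof claims.exp !== 'number' || claims.exp <= now) return { ok: false, reason: 'expired' };
  if (claims.aud !== audience || claims.iss !== issuer) return { ok: false, reason: 'wrong aud/iss' };
  // The case from this issue: valid signature, but nobody was authenticated.
  if (claims.userId == null) {
    return { ok: false, reason: 'no userId: token issued without authentication' };
  }
  return { ok: true, userId: claims.userId };
}

// Constructed sample tokens mirroring the claims shown in the first post.
const SECRET = 'constructed-demo-secret';
const base = { aud: 'my domain', iss: 'feathers', sub: 'anonymous', iat: 1483400000, exp: 1483486400 };
const opts = { audience: 'my domain', issuer: 'feathers', now: 1483400100 };
const anonymousToken = signHS256(base, SECRET);
const userToken = signHS256({ ...base, userId: 42 }, SECRET);

console.log(checkAccessToken(anonymousToken, SECRET, opts));
console.log(checkAccessToken(userToken, SECRET, opts));
```

A check like this belongs in any service that consumes the token on its own; it does not replace registering the authenticate hook on the authentication service.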
