Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Authentication via REST returns token without finding user on db #430

jlpellicer opened this Issue Mar 3, 2017 · 2 comments


None yet
2 participants
Copy link

jlpellicer commented Mar 3, 2017

Hey guys. Started to migrate authentication from v0.7.12 to v1.1.0 over the app generated originally by feathers.

I had the REST authentication working just fine, but had problems getting it to work with, so we switched to the new version.

Now, we got authentication working, but REST doesn't. It doesn't matter what I send to the server (user:password), it always returns an access token, without checking for the user credentials on the database.

What am I missing?

I turned on authentication debug (very cool), this is what I get when I make a request:

2017-03-03T14:25:36.432458+00:00 heroku[router]: at=info method=POST path="/authentication" request_id=5f7a5023-b626-466d-8c92-82c0fc7422e4 fwd="" dyno=web.1 connect=1ms service=11ms status=201 bytes=541
2017-03-03T14:25:36.430456+00:00 app[web.1]: Fri, 03 Mar 2017 14:25:36 GMT feathers-authentication:express:expose-headers Exposing Express headers to hooks and services
2017-03-03T14:25:36.431399+00:00 app[web.1]: Fri, 03 Mar 2017 14:25:36 GMT feathers-authentication:authentication:utils Creating JWT using options { header: { typ: 'access' },
2017-03-03T14:25:36.431401+00:00 app[web.1]:   audience: '',
2017-03-03T14:25:36.431402+00:00 app[web.1]:   subject: 'anonymous',
2017-03-03T14:25:36.431403+00:00 app[web.1]:   issuer: 'ASC Authority',
2017-03-03T14:25:36.431403+00:00 app[web.1]:   algorithm: 'HS256',
2017-03-03T14:25:36.431404+00:00 app[web.1]:   expiresIn: '1day' }
2017-03-03T14:25:36.432762+00:00 app[web.1]: Fri, 03 Mar 2017 14:25:36 GMT feathers-authentication:authentication:utils New JWT issued with payload {}
2017-03-03T14:25:36.433024+00:00 app[web.1]: Fri, 03 Mar 2017 14:25:36 GMT feathers-authentication:express:emit-events Sending 'login' event for REST provider. Token is eyJhbGciOiJIUzI1NiIsInR5cCI6ImFjY2VzcyJ9.eyJpYXQiOjE0ODg1NTExMzYsImV4cCI6MTQ4ODYzNzUzNiwiYXVkIjoiaHR0cHM6Ly95b3VyZG9tYWluLmNvbSIsImlzcyI6IkFTQyBBdXRob3JpdHkiLCJzdWIiOiJhbm9ueW1vdXMifQ.AmsjXOx8RWQGioZ211SeU-hBlRzM8RTMLTDjEYEhgtc
2017-03-03T14:25:36.433195+00:00 app[web.1]: Fri, 03 Mar 2017 14:25:36 GMT feathers-authentication:middleware:set-cookie Running setCookie middleware with options: { enabled: false,
2017-03-03T14:25:36.433197+00:00 app[web.1]:   name: 'feathers-jwt',
2017-03-03T14:25:36.433198+00:00 app[web.1]:   httpOnly: false,
2017-03-03T14:25:36.433198+00:00 app[web.1]:   secure: true }

screen shot 2017-03-03 at 9 28 20 am


"feathers": "^2.1.0",
"feathers-authentication": "^1.1.0",
"feathers-authentication-jwt": "^0.3.1",
"feathers-authentication-local": "^0.3.3",
"feathers-configuration": "^0.4.1",
"feathers-errors": "^2.5.0",
"feathers-hooks": "^1.8.0",
"feathers-rest": "^1.7.0",
"feathers-seeder": "^1.0.7",
"feathers-sequelize": "^1.4.0",
"feathers-socketio": "^1.5.0",


   "host": "localhost",
   "port": 5000,
   "postgres": "postgres://xxx:@localhost:5432/xxx",
   "public": "../public/",
   "auth": {
   	"usernameField": "username",
   	"secret": "ssshh",
   	"jwt": {
   		"issuer": "ASC Authority",
   		"expiresIn": "1day"
   	"local": {
   		"name": "local",
   		"usernameField": "username"


'use strict';

const path = require('path');
const serveStatic = require('feathers').static;
const favicon = require('serve-favicon');
const compress = require('compression');
const cors = require('cors');
const feathers = require('feathers');
const configuration = require('feathers-configuration');
const hooks = require('feathers-hooks');
const rest = require('feathers-rest');
const bodyParser = require('body-parser');
const socketio = require('feathers-socketio');
const middleware = require('./middleware');
const services = require('./services');

const app = feathers();

app.configure(configuration(path.join(__dirname, '..')));

	.options('*', cors())
	.use(favicon(path.join(app.get('public'), 'favicon.ico')))
	.use('/', serveStatic(app.get('public')))
	.use(bodyParser.urlencoded({extended: true}))

module.exports = app;


'use strict';

/* models stuff */
const authentication = require('feathers-authentication');
const local = require('feathers-authentication-local');
const jwt = require('feathers-authentication-jwt');

module.exports = function() {
	const app = this;
	let config = app.get('auth');

	const sequelize = new Sequelize(app.get('postgres'), {
		dialect: 'postgres'
	app.set('sequelize', sequelize);
	/* models stuff */


'use strict';

const globalHooks = require('../../../hooks');
const hooks = require('feathers-hooks');
const auth = require('feathers-authentication');
const local = require('feathers-authentication-local');

exports.before = {
	create: [
		console.log('HEY AUTH'), //<-- I never see this execute

This comment has been minimized.

Copy link

daffl commented Mar 3, 2017

The create console.log won't run because a hook is a function:

exports.before = {
  create: [
    function(hook) {
      console.log('HEY AUTH'), //<-- I never see this execute

Also, have a look how the new generator (npm install feathers-cli@pre -g) sets everything up. Just returning that object that you have from src/services/authentication/index.js will probably not do anything.


This comment has been minimized.

Copy link

jlpellicer commented Mar 3, 2017

Thanks! I created a new project using the new feathers-cli@pre and feathers-authentication and I got a clear picture about what I need to do.

@jlpellicer jlpellicer closed this Mar 3, 2017

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.