Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feathers-authentication 1.1.1 `No auth token` #445

Closed
jiangts opened this Issue Mar 13, 2017 · 8 comments

Comments

Projects
None yet
5 participants
@jiangts
Copy link

jiangts commented Mar 13, 2017

when sending a request to a service with the following hooks:

const auth = require('feathers-authentication');

const hooks = {
  before: {
    all: [auth.hooks.authenticate('jwt')]
  }
}

with the HTTP headers

authorization: <JWT STRING>

I get

error: (401) Route: /recordings - No auth token
info: NotAuthenticated: No auth token

I logged the headers on the server side, and indeed, there were none.
This was only fixed when I put this express middleware before my services ran:

  app.use(function(req, res, next) {
    console.log(req.headers)
    req.feathers.headers = req.headers;
    next();
  });

This is breaking functionality not mentioned in the migration guide. This middleware should either automatically be included or be put in the migration guide.

@jiangts

This comment has been minimized.

Copy link
Author

jiangts commented Mar 13, 2017

upon further search, I'm finding
https://github.com/feathersjs/feathers-authentication/blob/master/src/express/expose-headers.js

So this looks like a bug? Or maybe I have an unexpected configuration.

@jiangts

This comment has been minimized.

Copy link
Author

jiangts commented Mar 13, 2017

aha, I figured it out! When registering services, I registered the auth service last. So when calling any other service, the middleware for exposing headers was not yet registered. I think this is at least worth mentioning, as it could probably save others a bit of headache :)

@jiangts jiangts closed this Mar 13, 2017

@fss

This comment has been minimized.

Copy link

fss commented Apr 13, 2017

@jiangts you saved my day.

@Andreyco

This comment has been minimized.

Copy link

Andreyco commented May 2, 2017

Gosh, experienced very same...
Given, it's called "service" I don't suppose order of registration matters. This never happened to me when similar package is called "middleware" - which is more common.

What a name can do :)

@marshallswain

This comment has been minimized.

Copy link
Member

marshallswain commented May 2, 2017

@Andreyco The problem is with the middleware that come bundled with the service and are registered implicitly when the plugin is configured. Also, services aren't middleware by another name. They don't really operate as middleware unless you chain a bunch of them together. Hooks, however, are multi-transport middleware.

I've added a note to the top and bottom of the Auth Server API docs that will hopefully prevent this for others.

@Andreyco

This comment has been minimized.

Copy link

Andreyco commented May 2, 2017

@marshallswain Note is enough here, I think. Thanks ;)

@jasondonnette

This comment has been minimized.

Copy link

jasondonnette commented Jun 22, 2017

For me the order that's written up in the migration guide makes it fail.

https://github.com/feathersjs/feathers-authentication/blob/master/docs/migrating.md

Not working:

app
    .use('/users', memory())
    .configure(auth(app.get('authentication')))
    .configure(jwt())
    .configure(local())

Working:

app
    .configure(authentication(app.get('authentication')))
    .configure(jwt())
    .configure(local())
    .use('/users', service(options));

¯\_(ツ)_/¯

@marshallswain

This comment has been minimized.

Copy link
Member

marshallswain commented Jun 22, 2017

Ah. Thanks, @jasondonnette! I just fixed the order in the migration guide.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.