Authenticate: How to return more info? #471

Closed
JigSawFr opened this Issue Apr 3, 2017 · 10 comments

JigSawFr commented Apr 3, 2017

Hello!
I'm currently thinking about how to return more info with the authenticate method.
Right now, after authenticating with LDAP, Feathers returns a JWT access token,
but how can I return more info, as in RFC 6750?

{
       "access_token":"mF_9.B5f-4.1JqM",
       "token_type":"Bearer",
       "expires_in":3600,
       "refresh_token":"tGzv3JOkF0XG5Qx2TlKWIA"
}

At a minimum: token_type, expires_in, and one custom variable (if I need it).

This is my service:

'use strict';

const authentication = require('feathers-authentication');
const jwt = require('feathers-authentication-jwt');
const ldap = require('feathers-authentication-ldap');

class CustomVerifier {
  verify(req, user, done) {
    // ldap auth was successful
    console.log('LDAP User found');

    // add custom verification logic
    if (true) {
      return done(null, user, {
        username: req.body.username
      });
    } else {
      const err = 'Youre are not allowed';
      console.log(err);
      return done(err);
    }
  }
}

/**
 * @swagger
 * definitions:
 *   Auth:
 *     type: object
 *     required:
 *       - accessToken
 *     properties:
 *       accessToken:
 *         type: string
 */

module.exports = function () {
  const app = this;

  let config = app.get('auth');

  app.configure(authentication(config));
  app.configure(ldap({
    // Optional: overwrite Verifier function
    Verifier: CustomVerifier
  }));
  app.configure(jwt());
  app.get('/protected', authentication.express.authenticate('jwt'), (req, res, next) => {
    res.json({
      success: true
    });
  });
  app.get('/unprotected', (req, res, next) => {
    res.json({
      success: true
    });
  });

  /**
   * @swagger
   * /authentication:
   *   post:
   *     tags:
   *       - Auth
   *     summary: Authentication & Get JWT token
   *     description: Returns a JWT token
   *     consumes:
   *       - multipart/form-data
   *       - application/x-www-form-urlencoded
   *     produces:
   *       - application/json
   *     parameters:
   *       - name: username
   *         description: User's login
   *         in: formData
   *         required: true
   *         type: string
   *       - name: password
   *         description: User's password
   *         in: formData
   *         required: true
   *         type: string
   *         format: password
   *     responses:
   *       200:
   *         description: User authenticated
   *         schema:
   *             $ref: '#/definitions/Auth'
   *       400:
   *         description: Missing credentials
   *       401:
   *         description: Invalid credentials
   *       403:
   *         description: JWT token missing
   *       404:
   *         description: User not found
   */
  app.service('authentication').hooks({
    before: {
      create: [
        authentication.hooks.authenticate('ldap'),
        function (hook) {
          // store some user data in JWT payload
          hook.data.payload = {
            uid: hook.params.user.uid,
            name: hook.params.user.cn,
            mail: hook.params.user.mail,
            initials: hook.params.user.initials
          };
          return Promise.resolve(hook);
        }
      ]
    }
  });
};

Thank you, I'm just getting started with your nice framework!

Author

JigSawFr commented Apr 10, 2017

@marshallswain @daffl no clue? Thank you.

Member

marshallswain commented Apr 10, 2017

After the authenticate middleware runs, try checking req.feathers for additional data that may have been added. I've not used LDAP, so I'm uncertain if what you want will be there, but it is on the OAuth plugins.

Member

daffl commented Apr 10, 2017

This looks like the anonymous auth problem again doesn't it @marshallswain?

Member

marshallswain commented Apr 10, 2017

Oh, maybe you're right.

Member

ekryski commented Apr 11, 2017

Umm, I don't think that is what they are asking. @JigSawFr is getting a token back and is protecting the /authentication route with the LDAP strategy. No anonymous auth here.

@JigSawFr I think what you want to do is set up an after hook on your authentication service to add the additional details to the response.

Author

JigSawFr commented Apr 11, 2017

@ekryski Yes, exactly, user auth is done by the LDAP strategy. So it's returning a JWT, but only that.
So by creating an after hook on the authentication service, I will be able to add more info to the response?

Member

marshallswain commented Apr 11, 2017

@JigSawFr You can try something like this

app.service('authentication').hooks({
  after: {
    create: [
      hook => {
        // hook.result.accessToken is already set
        hook.result.user = hook.params.user;
      }
    ]
  }
})

Author

JigSawFr commented Apr 11, 2017

Great, thank you, I've done it with this:

after: {
    create: [
      hook => {
        // hook.result.accessToken is already set
        hook.result.access_token = hook.result.accessToken;
        hook.result.accessToken =  undefined;
        hook.result.token_type = 'Bearer';
        hook.result.expires_in = 3600;
        hook.result.initials = hook.params.user.initials;
        hook.result.sam_account_name = hook.params.user.sAMAccountName;
      }
    ]
  }

JigSawFr closed this Apr 11, 2017
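
An added example, not code from this thread's participants or the Feathers project: an after-create hook that builds the RFC 6750-style response discussed above, taking `expires_in` from the token's own `exp` claim and copying only allow-listed user attributes into the response. `tokenResponse`, `decodeJwtPayload`, `sampleRun` and the allow-list are hypothetical names; it assumes the issued JWT carries an `exp` claim, and the sample token and user are constructed.

```javascript
// Decode the payload segment of a compact JWT. No signature check is done:
// the hook only reads a token this server issued a moment ago.
function decodeJwtPayload(token) {
  const parts = String(token).split('.');
  if (parts.length !== 3) throw new Error('not a compact JWT');
  return JSON.parse(Buffer.from(parts[1], 'base64').toString('utf8'));
}

// Build an after-create hook for the authentication service.
// allowedFields: the only user attributes that may reach the client.
// now: injectable clock (seconds since epoch) so the hook can be tested.
function tokenResponse(allowedFields, now = () => Math.floor(Date.now() / 1000)) {
  return hook => {
    const token = hook.result.accessToken;
    const { exp } = decodeJwtPayload(token);
    if (typeof exp !== 'number') throw new Error('token has no exp claim');
    const user = hook.params.user || {};
    const profile = {};
    for (const field of allowedFields) {
      if (typeof user[field] === 'string') profile[field] = user[field];
    }
    // Replace the result instead of mutating it, so nothing unlisted leaks.
    hook.result = {
      ...profile, // spread first: user fields cannot override token fields
      access_token: token,
      token_type: 'Bearer',
      expires_in: Math.max(0, exp - now())
    };
    return hook;
  };
}

// Constructed sample: a token-shaped string and an LDAP-like user object.
function sampleRun() {
  const b64 = obj => Buffer.from(JSON.stringify(obj)).toString('base64')
    .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
  const token = [b64({ alg: 'HS256', typ: 'JWT' }), b64({ uid: 'jdoe', exp: 1700003600 }), 'sig'].join('.');
  const hook = {
    result: { accessToken: token },
    params: { user: { uid: 'jdoe', initials: 'JD', sAMAccountName: 'jdoe', userPassword: '{SSHA}constructed' } }
  };
  return tokenResponse(['initials', 'sAMAccountName'], () => 1700000000)(hook).result;
}

console.log(sampleRun());
```
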


khushirana commented Jan 25, 2019

How to send payload userId along with the access token in FeathersJS?

Member

marshallswain commented Jan 25, 2019

@khushirana Please check the docs. There is an entire page dedicated to this.
