Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Anonymous Authentication #544

Closed
kanzitelli opened this Issue Jul 13, 2017 · 3 comments

Comments

Projects
None yet
2 participants
@kanzitelli
Copy link

kanzitelli commented Jul 13, 2017

Steps to reproduce

Hey guys, I have asked this question in Slack but didn't get a reply so I decided to write here.

I have the following situation. I am trying to add anonymous authentication in my application: Backend - FeathersJS and Frontend - React Native.

I need to have local + anonymous auth, local will be used to give an access to admins and anonymous will be used to give an access for regular users. Admins and regular users will have two different apps.

So when I am trying to get anonymous JWT in RN app using this line this.app.authenticate({ strategy: 'jwt' }), it gives me an error: error: authentication - Method: create: No auth token, as I understand I get this error because I have this line authentication.hooks.authenticate(config.strategies) in authentication.js in before-create hook on the server. But when I remove this line, everything works fine on the client and I get JWT.

So what I do now is I change this line this.app.authenticate({ strategy: 'jwt' }) —> this.app.authenticate({ strategy: 'jwt', anonymous: true }) on the client and change authentication.hooks.authenticate(config.strategies) —>

commonHooks.when( 
    hook => !hook.data.anonymous, 
    authentication.hooks.authenticate(config.strategies) 
)

on the server and when I do it everything works fine.

My question is if this is the right solution? Or maybe I miss something and it should be implemented other way? Is this a secure solution?

Tell us about the applicable parts of your setup.

NodeJS version: 7.10.0

React Native Version: 0.46.1

@marshallswain

This comment has been minimized.

Copy link
Member

marshallswain commented Jul 13, 2017

While your solution would definitely work, I think the "right" way would be to create feathers-authentication-anonymous as a plugin wrapped around passport-anonymous.

@kanzitelli

This comment has been minimized.

Copy link
Author

kanzitelli commented Jul 14, 2017

@marshallswain thank you for the reply! I will definitely take a look at it 👍

@kanzitelli kanzitelli closed this Jul 14, 2017

@marshallswain

This comment has been minimized.

Copy link
Member

marshallswain commented Jul 14, 2017

@kanzitelli check out the plugin generator if you haven't, yet. It will handle the heavy lifting of all of the package overhead. I believe it's built into the feathers-cli.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.