Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[question] is it possible to protect by role a create method? #564

Closed
idealley opened this Issue Sep 1, 2017 · 1 comment

Comments

Projects
None yet
2 participants
@idealley
Copy link

idealley commented Sep 1, 2017

I have a default feathers generated authentication using mongoDB.

First I send a request to the /authentication endpoint, I get a token,
Then I send a second POST request to the /users endpoint to which I have added hooks:

create: [ 
      authenticate('jwt'),
      associateCurrentUser(),
      restrictToRoles({
        roles: ['admin'],
        fieldName: 'permissions'
      }),
      test(),
      hashPassword(),

    ],

The test hook is used only to log info. At this point I get an error:

{
    "name": "GeneralError",
    "message": "Current user is missing '_id' field.",
    "code": 500,
    "className": "general-error",
    "data": {},
    "errors": {}
}

My user is authenticated, but the user object remains empty {}

Thank you for advices

@idealley

This comment has been minimized.

Copy link
Author

idealley commented Sep 1, 2017

Update:

The generator create the options object:

  const options = {
    name: 'users',
    Model,
    paginate
  };

I have removed the name and everything works as expected.

@daffl daffl closed this Feb 1, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.