Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Specify the secret in one place instead of two #69

kulakowka opened this Issue Feb 19, 2016 · 1 comment


None yet
2 participants
Copy link

kulakowka commented Feb 19, 2016

I created application using a generator.

import { join } from 'path';
import { static as serveStatic } from 'feathers';
import favicon from 'serve-favicon';
import compress from 'compression';
import cors from 'cors';
import feathers from 'feathers';
import configuration from 'feathers-configuration';
import hooks from 'feathers-hooks';
import rest from 'feathers-rest';
import bodyParser from 'body-parser';
import socketio from 'feathers-socketio';
import authentication from 'feathers-authentication';
import middleware from './middleware';
import services from './services';

let app = feathers();

app.configure(configuration(join(__dirname, '..')))
  .options('*', cors())
  .use(favicon( join(app.get('public'), 'favicon.ico') ))
  .use('/', serveStatic( app.get('public') ))
  .use(bodyParser.urlencoded({ extended: true }))
  .configure(authentication( app.get('auth') ))

export default app;

As you can see, authentication options (auth.token.secret) gets from config file in ./config/default.json (thank's feathers-configuration for that).

  "host": "localhost",
  "port": 3030,
  "mongodb": "mongodb://localhost:27017/feathers_v2",
  "public": "../public/",
  "auth": {
    "token": {
      "secret": "huxbsAlSnCpspDGs0ngRMLc0aQjfPhi5dRYzPSoUfrJQPNr/2jqFs7z35S+JTxQ++6zbRcL6QBY9o7TTt3DITg=="

However, when I want to use verifyToken() hook, I must again specify the secret word:

// /src/services/message/hooks/index.js
import globalHooks from '../../../hooks';
import { hooks as auth } from 'feathers-authentication';

let before = {
  all: [
    auth.verifyToken({secret: 'huxbsAlSnCpspDGs0ngRMLc0aQjfPhi5dRYzPSoUfrJQPNr/2jqFs7z35S+JTxQ++6zbRcL6QBY9o7TTt3DITg=='}),
  find: [],
  get: [],
  create: [],
  update: [],
  patch: [],
  remove: []

let after = {
  all: [],
  find: [],
  get: [],
  create: [],
  update: [],
  patch: [],
  remove: []

export default { before, after };

Maybe we could remake the hook so that could specify a secret word in one place?


This comment has been minimized.

Copy link

ekryski commented Feb 19, 2016

Ha! I totally knew this was going to come up. Thanks for reporting @kulakowka.

Yes, I'll try and come up with a way to fix this today because it's been a pain in the ass for me as well.

@ekryski ekryski referenced this issue Feb 19, 2016


Config options #70

@ekryski ekryski closed this in 0c0c97a Feb 19, 2016

@ekryski ekryski modified the milestone: 0.6 Mar 26, 2016

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.