Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
JWT Payload is null after app logout #991
From @paulrostorp on February 23, 2018 14:48
Steps to reproduce
Login => app.logout() from authentication client => Login again
The returned JWT should return with a payload containing UserId.
A JWT is returned but no userId, the jwt payload is empty.
What seems to be happening is that req.params still contains the user object even after logout (this statement returns true even after logout : https://github.com/feathersjs/authentication-oauth2/blob/master/lib/verifier.js#L92) , which leads to the verifier completing without returning a payload: https://github.com/feathersjs/authentication-oauth2/blob/master/lib/verifier.js#L101
But I am not sure this is suitable because this may be a safety issue. I'm also not sure the error comes from this package. This may be a problem with feathers logout mechanism. Any guidance would be appreciated.
I am using the passport-facebook-token Strategy to auth with a Facebook access token obtained within my react native app.
Module versions (especially the part that's not working):
Copied from original issue: feathersjs-ecosystem/authentication-oauth2#68