Wednesday, 10 May 2017

Feathers Authentication via POST works but socket doesn't

I configured feathers, was able to create a user REST-fully with Postman, and even get an auth token (I can post to /authenticate to get a token, and then verify that token - yay postman! yay REST api!).

But in the browser the story ain't so happy. I can use find to get data back, but authenticate just gives me errors.

In my googling I found this post and updated my client javascript to be this. I have also tried doing jwt auth with the token from postman, but that gives the same Missing Credentials error. Halp!

Code incoming...

app.js (only the configuration part to show order)

app.configure(configuration(path.join(__dirname, '..')))
  .use(cors())
  .use(helmet()) // best security practices
  .use(compress())
  .use(favicon(path.join(app.get('public'), 'favicon.ico')))
  .use('/', feathers.static(app.get('public')))
  .configure(socketio())
  .configure(rest())
  .configure(hooks())
  .use(bodyParser.json())
  .use(bodyParser.urlencoded({ extended: true }))
  .configure(services) // pull in all services from services/index.js
  .configure(middleware) // middleware from middleware/index.js
  .hooks(appHooks)

Within services, I first add authentication, which is in its own file and that looks like this authenticationjs

const authentication = require('feathers-authentication');
const jwt = require('feathers-authentication-jwt');
const local = require('feathers-authentication-local');
const authManagement = require('feathers-authentication-management');

module.exports = function () {

  const app = this;
  const config = app.get('authentication');

  // Set up authentication with the secret
  app.configure(authentication(config));
  app.configure(authManagement(config));
  app.configure(jwt());
  app.configure(local(config.local));

  // The `authentication` service is used to create a JWT.
  // The before `create` hook registers strategies that can be used
  // to create a new valid JWT (e.g. local or oauth2)
  app.service('authentication').hooks({
    before: {
      create: [
        authentication.hooks.authenticate(config.strategies)
      ],
      remove: [
        authentication.hooks.authenticate('jwt')
      ]
    }
  });

};

index.html (mostly stripped, just showing relevant script)

let url = location.protocol + '//' + location.hostname + 
    (location.port
      ? ':' + location.port
      : '');

const socket = io(url);

const feathersClient = feathers()
  .configure(feathers.socketio(socket))
  .configure(feathers.hooks())
  .configure(feathers.authentication({ storage: window.localStorage }));

Here's a screen shot showing some requests in chrome debugger and postman. Showing chrome debugger err and success, and postman success



via Sean Newell
Posted by at
Labels: ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)