Closed giovannefc closed 3 years ago
Yup, looks like a clear bug
I dig a bit into the code and realized, we already protect you from this if you define a custom token type inside the config file.
So it is not really a bug, but lack of proper docs on our end. If you update your config to the following, it will work fine.
admin: {
tokenProvider: {
+ type: 'admin',
driver: 'redis',
redisConnection: 'local',
},
driver: 'oat',
provider: {
driver: 'lucid',
identifierKey: 'id',
uids: ['email'],
model: () => import('App/Models/User'),
},
},
shop: {
tokenProvider: {
+ type: 'shop',
driver: 'redis',
redisConnection: 'local',
},
driver: 'oat',
provider: {
driver: 'lucid',
identifierKey: 'id',
uids: ['email'],
model: () => import('App/Models/Customer'),
},
}
Now, there will be no collision
Closing since no response from the issue reporter
Package version
latest (5.0.4-preview-rc-2.1 )
Node.js and npm version
14 lts
Sample Code (to reproduce the issue)
auth.ts:
I saw that the unique thing that differentiates token is user id and how both users have the same id (different tables) to use the same token section for both. I manually changed the user ID in the database and after that it was right. Each user accesses with their token session.
I know if you change the
identifierKey
toemail
for example solve the problem. But I believe that in the case of the id, it can be misleading.