Closed stecapra closed 6 years ago
thetutlage
commented
6 years ago How do you verify the login state of the user? You must use auth.current.user, which is basically the authenticated user for that current request, based upon the authenticator you used via middleware.
Whereas auth.user is the globally logged in user via sessions
stecapra
commented
6 years ago i cannot access to the auth instance, because i have invalidSessionId or invalidJwtToken error depends on which authenticator i use.
If i use (in config/auth.js) authenticator 'jwt', and i access this route:
Route.get('/foo', () => {
return 'works';
}).middleware('auth:session');i have a jwt token error instead having sessionId error.
Am i doing something wrong? Did i miss something?
Thank you
thetutlage
commented
6 years ago Okay, lemme try to reproduce the issue and may need more info after that
Hi, I'm using Adonis 4 (dawn).
In config/auth.js i set
authenticator: 'session'but, if i set an api route like that:
Route.get('/api/foo', 'APIController.foo').middleware(['auth:jwt'])The auth is anyway set to session: indeed, if i login in "session mode", i can use that api even not set Authorization: Bearer header.
Instead, if i switch in config/auth.js
authenticator: 'jwt'Even after setting middleware('auth:session'), auth always use jwt token to authenticate.
Thank you