How can I use this with JWT?

[CHANMYUNG]

As this title,

how can I use nubes library with JWT authorization ?

Can I use JWT like other servers that don't use nubes?

[aesteve]

Hello,

How are you using JWT "in other servers that don't use nubes" ? Please. If you can show me how you're dealing with JWT in a plain vertx-web project I can have a look at your issue.

[CHANMYUNG]

Umm... I mean...

Exactly, "HOW CAN I USE JWT IN NUBES?"

[aesteve]

Ok, let's try to be calm.

Disclaimer : this is the only piece of code in Nubes I did not write myself. So...

The method / controller where JWT is used should be annotated with @Auth(method = JWT) Then on Nubes object, you should set the Auth Provider to a valid JWTAuth (as in Vert.x web).

JWTAuth jwt = JWTAuth.create(vertx, someJsonConf);
nubes.setAuthProvider(jwt)

[CHANMYUNG]

Um.. There was no intention to make you feel bad. Sorry :(

[aesteve]

No problem. Let me know if this works for you :)

[CHANMYUNG]

I tried, but I couldn't..

Then, are there any Docs of Session or JWT?

before jwt, I also tried to handle session.

but sessions from same host were always different.

session always empty, and I put values, but next request session is empty.

[CHANMYUNG]

Sorry for bothering you

[aesteve]

Then, are there any Docs of Session or JWT?

No, sorry, as I said that's the only part of nubes I didn't develop by myself.

Please provide a very simple GitHub repository showing the session and / or JWT issue you're facing so that I can give it a look. "Explaining" issues is very very hard. A simple github repository containing all the code (and ONLY the code) needed to reproduce the problem is way better for me.

[CHANMYUNG]

Thank you for your help.

https://github.com/Nooheat/Nubes-Session-Issue

[aesteve]

How are you testing the code ?

I see a Postman capture, but which cookie are you sending ? (for the session to be identified)

[CHANMYUNG]

Um.. I'm just request @POST session/create, and server make a session value.

after, I request @GET session/check, server response a session value.

I didn't request any data

I'm sorry.. T^T I'm not sure that I exactly understood

[CHANMYUNG]

both two request path don't require any data. because it is "very simple server sample"

NO Cookie

[aesteve]

http://machinesaredigging.com/2013/10/29/how-does-a-web-session-work/

Sessions are using cookies under the hood.

How would the server recognize that it is the same user hitting it with a GET request than the user that previously made the POST request.

When you make the POST request, the cookie identifying the user should be returned in the response body, then you should use that cookie in the GET request (through a request header) to tell the server "I'm the same user that did the original POST request".

Please read that link :

Vert.x-Web uses session cookies to identify a session. The session cookie is temporary and will be deleted by your browser when it’s closed.

Long time since I've dealt with cookies / sessions and especially, I never did so with Vert.x where most of my time I'm dealing with stateless applications (REST APIs) therefore not using sessions. But in my understanding, if in your GET request you're not sending any "cookie identifier" (request header) then that cannot work at all.

[CHANMYUNG]

then, I must use cookies to handle sessions?

And how have you ever configure a Vertx server without session or cookie?

Did you use a token authentication scheme like JWT?

[ldallen]

Hi, I don't know if your problem has been solved or not, but here is how JWT worked (2 years ago) with Nubes : https://github.com/ldallen/Nubes-UseCases/tree/master/jwtAuth Let me know if this helps :)

[CHANMYUNG]

Thanks for your answers !! <3