Closed caracal7 closed 3 years ago
You need to pass in users as JSON if using it directly I think
const DeepstreamServer = new Deepstream( {
logLevel: 'DEBUG',
auth: [{
type: 'file',
options: {
users: {
server: {
password: '202cb962ac59075b964b07152d234b70',
clientData: {},
serverData: {},
},
chris: {
password: '202cb962ac59075b964b07152d234b70',
clientData: {},
serverData: {department: 'admin'},
}
},
hash: 'md5',
iterations: 1,
keyLength: 32,
reportInvalidParameters: true
}
}]
});
also didn't work
HI, when passing config options directly to the server constructor via the node api, you should do it like this:
server.js
:
const { Deepstream } = require('@deepstream/server')
const DeepstreamServer = new Deepstream({
logLevel: 'DEBUG',
auth: [{
type: 'file',
options: {
users: './users.js',
hash: 'md5',
iterations: 5,
keyLength: 32
}
}]
})
DeepstreamServer.start()
users.js
:
const users = {
server: {
password: '202cb962ac59075b964b07152d234b70',
clientData: {},
serverData: {}
},
chris: {
password: '202cb962ac59075b964b07152d234b70',
clientData: {},
serverData: { department: 'admin' }
}
}
module.exports = users
I'll try to update the docs to better explain this.
please reopen if issue persists
Reopening there is something else going on
Ok, got it.
const DeepstreamServer = new Deepstream({
logLevel: 'DEBUG',
auth: [{
type: 'file',
options: {
users: {
server: {
password: '202cb962ac59075b964b07152d234b70',
clientData: {},
serverData: {}
},
chris: {
password: '202cb962ac59075b964b07152d234b70',
clientData: {},
serverData: { department: 'admin' }
}
},
iterations: 5,
keyLength: 32
}
}]
})
The problem is that when you set the hashing algorithm, you must pass the hashed password when logging in, otherwise it won't match. @caracal7 was setting the hash option to md5 but logging in with an unhashed password thus the error.
I'll update the docs.
@yasserf what do you think of allowing the path option when using the file auth in order to call it like I did on my previous comment? This would imply adding this here
if (auth.options && auth.options.path) {
const req = require
auth.options.users = req(fileUtils.lookupConfRequirePath(auth.options.path))
}
@jaime-ez we should avoid doing any actual file loading in the server (outside of the yaml* initialiser). If the user is using deepstream via node constructor they are responsible for doing their own file loading (due to formats / locations / etc).
Actually let's just put it in (saw your PR). The issue doesn't make that much sense to me but there is code still loading json for permissions.
Thanks!
Yes I wen't for it since for permissions it is possible. I'm gonna close this for now and continue discussion on the pull request regarding the combined auth strategies
deepstream.io server
users.yml
Node.js client
deepstream.io server console
**Node.js client console***
Also no validation of parameters at all.