search

feathersjs-ecosystem / authentication-local

[MOVED] Local authentication plugin for feathers-authentication
https://github.com/feathersjs/feathers
MIT License
26 stars 15 forks source link

strange behavior on mobile browswer feathers-authentication-hook / feathers-jwt #71

Closed ducnvhn closed 6 years ago

ducnvhn commented 6 years ago

Steps to reproduce

I've search some issues here, nothing relevant. On Desktop browswer, the associateWithCurrentUser works just fine, but on mobile browswer( Android /Chrome/ FF) , authentication hook not seem to work.

Expected behavior

associateWithCurrentUser and authentication header should be available at hook.params

Actual behavior

cannot use feathers-authentication-hooks with mobile browser client.

System configuration

Tell us about the applicable parts of your setup. I have a Feathers app setup behind a nginx reserve proxy server like this: Client -> Nginx -> Express (feathers) -> API (feathers). Client make a feathers service request and I am using feathers-authentication-hooks to associateCurrentUser to create a data field. client call service as normal app.service('posts').create(data);

const readHooksParams = hook => {
 console.log(hook.params);
 //mobile browser show a 'blank' hook.params
 //{ query: {},
 //route: {},
 //connection: { provider: 'socketio' },
 //provider: 'socketio' }
 return hook;
};

const postHook = {
 before: {
  create: [readHooksParams , associateCurrentUser({ idField: '_id', as: 'user' }), ....]
 },
.
.
.
.
};

Module versions (especially the part that's not working): "@feathersjs/authentication": "^2.1.5", "@feathersjs/authentication-client": "^1.0.2", "@feathersjs/authentication-local": "^1.2.1", "@feathersjs/authentication-oauth2": "^1.1.0", "@feathersjs/client": "^3.1.2", "@feathersjs/express": "^1.1.2", "@feathersjs/feathers": "^3.0.5", "@feathersjs/rest-client": "^1.3.3", "@feathersjs/socketio": "^3.0.2", "@feathersjs/socketio-client": "^1.0.2", NodeJS version:

node -v v6.14.3 nginx version: nginx/1.14.0

Operating System: centos 7 Browser Version: Chrome 67.0.3396.87 / android 7.0

Module Loader: webpack

daffl commented 6 years ago

In order to reliably have params.user set all service methods need the authenticate hook - usually by JWT via authenticate('jwt').

ducnvhn commented 6 years ago

thanks @daffl. I will gibe it a try.

ducnvhn commented 6 years ago

hi @daffl I have added: 

import auth from 'feathers-authentication';
.
.
const postHook = {
 before: {
  create: [auth.hooks.authenticate(['jwt', 'local']), readHooksParams , associateCurrentUser({ idField: '_id', as: 'user' }), ....]
 },
.
.
.
.
};

This hook run and parse correct jwt token on desktop browsers. How ever, some time it does not run on Chrome / Android.

Any advise?

daffl commented 6 years ago

I have never had issues in Chrome for Android but some browsers do not have a proper localStorage (e.g. in incognito mode). Using an alternative storage is documented in https://github.com/feathersjs/authentication/issues/135