feathersjs-ecosystem / authentication-oauth2

[MOVED] OAuth 2 plugin for feathers-authentication
https://github.com/feathersjs/feathers
MIT License

JWT Payload is null after app logout #68

Closed paulrostorp closed 6 years ago

paulrostorp commented 6 years ago

Steps to reproduce

Login => app.logout() from authentication client => Login again

Expected behavior

The returned JWT should return with a payload containing UserId.

Actual behavior

A JWT is returned but with no userId; the JWT payload is empty.

What seems to be happening is that req.params still contains the user object even after logout (this statement returns true even after logout: https://github.com/feathersjs/authentication-oauth2/blob/master/lib/verifier.js#L92), which leads to the verifier completing without returning a payload: https://github.com/feathersjs/authentication-oauth2/blob/master/lib/verifier.js#L101

A quick fix is to customize the verifier like so:

      if (existing) {
        return this._updateEntity(existing, data)
          .then(entity => {
            // Build the payload from the updated entity's id and hand it to done()
            const id = entity[this.service.id];
            const payload = { [`${this.options.entity}Id`]: id };
            done(null, entity, payload);
          })
          .catch(error => error ? done(error) : done(null, error));
      }

But I am not sure this is suitable because this may be a safety issue. I'm also not sure the error comes from this package. This may be a problem with the Feathers logout mechanism. Any guidance would be appreciated.

Note: this is definitely not an error on the client, because if I restart the Feathers server (after logout, that is) the login works again.

System configuration

I am using the passport-facebook-token Strategy to auth with a Facebook access token obtained within my react native app.

Module versions (especially the part that's not working):

@feathersjs/feathers@3.1.2
@feathersjs/authentication@2.1.2
@feathersjs/authentication-jwt@2.0.0
@feathersjs/authentication-oauth2@1.0.3
@passport-facebook-token@3.3.0

On client:

@feathersjs/authentication-client@1.0.2
@feathersjs/client@3.3.1
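A guard for the symptom reported above, added here as an example that is not part of the original issue or the project's code: a hook-shaped function that decodes the issued token and rejects it when the `userId` claim is absent. It assumes the authentication result exposes the token as `context.result.accessToken`; the function names and the sample tokens are hypothetical and constructed for this example.

```javascript
// Added example, not project code. All names here are hypothetical.

// Decode the payload segment of a compact JWT. This does NOT verify the
// signature; it only inspects claims of a token the server just issued.
function decodeJwtPayload(token) {
  const parts = String(token).split('.');
  if (parts.length !== 3) throw new Error('not a compact JWT');
  const b64 = parts[1].replace(/-/g, '+').replace(/_/g, '/');
  return JSON.parse(Buffer.from(b64, 'base64').toString('utf8'));
}

// Returns a hook-shaped function. Assumption: the issued token is available
// as context.result.accessToken after the authentication service responds.
function requireEntityIdClaim(entity = 'user') {
  const claim = `${entity}Id`;
  return function (context) {
    const token = context.result && context.result.accessToken;
    const id = decodeJwtPayload(token)[claim];
    if (id === undefined || id === null || id === '') {
      throw new Error(`issued JWT is missing the ${claim} claim`);
    }
    return context;
  };
}

// Constructed sample token: unsigned, with a placeholder signature segment.
function makeToken(payload) {
  const enc = obj => Buffer.from(JSON.stringify(obj)).toString('base64')
    .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
  return `${enc({ alg: 'HS256', typ: 'JWT' })}.${enc(payload)}.constructed-signature`;
}

// Run the guard against a constructed authentication result.
function check(payload) {
  try {
    requireEntityIdClaim('user')({ result: { accessToken: makeToken(payload) } });
    return 'ok';
  } catch (err) {
    return err.message;
  }
}

console.log(check({ userId: 'abc123', iat: 1 })); // first login: claim present
console.log(check({ iat: 1 }));                   // re-login after logout: claim missing
```

Failing closed on a token without the entity id keeps an identity-less JWT from reaching the client, and it surfaces the regression in server logs rather than in downstream authorization code.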

joaovbalmeida commented 6 years ago

Same thing happening here with the Spotify passport strategy.

daffl commented 6 years ago

This issue was moved to feathersjs/feathers#991