search

kahmali / meteor-restivus

REST APIs for the Best of Us! - A Meteor 0.9+ package for building REST APIs https://atmospherejs.com/nimble/restivus
MIT License
544 stars 116 forks source link

Unable to auth using email and password #136

Open mahmoudkm opened 9 years ago

mahmoudkm commented 9 years ago

I am trying to build a secure API endpoint in my app, as shown below, yet whenever I try to authenticate a user through /login in order to receive Auth token, using either curl or Chrome Postman tool, I always get Unauthorized error as shown below, can someone please tell me what I am doing wrong / missing here? Thanks

Code [ /server/serverapi.js ]:

  var Api = new Restivus({
    apiPath: 'clients/',
    prettyJson: true,
    useDefaultAuth: true,    
    version: 'v1'  
  });

  Api.addRoute('myclientdata/:id', {authRequired: true}, {
    get: {
        action: function() {
            var clientRecord = Clients.findOne({_id: this.urlParams.id});
            if(typeof clientRecord == "undefined"){
              return {};
            }else{
              return clientRecord;
            }
        }
    }
  });

Error: 

{
  "status": "error",
  "message": "Unauthorized"
}

curl call:

curl --data "password=123456&email=mark@gmail.com" http://localhost:3000/clients/v1/login

Note: Marked is a registered system user, which I can retrieve from Meteor.users collection

m52go commented 9 years ago

Try reversing your email and password parameters. That worked for me.

mahmoudkm commented 9 years ago

Thanks @m52go I've tried this already but unfortunately didn't work

kahmali commented 9 years ago

There must be more to this issue than what you're showing there. Everything looks fine in your code, and when I copied it into an empty meteor project and ran it I got a successful response. In fact, I went ahead and made a sample repo demonstrating that it works as expected: https://github.com/kahmali/restivus-login-test. As you'll see, the API code is copied and pasted exactly from what you've provided here.

In the future, if possible, please reproduce the error in a separate, empty project, and provide reproduction steps or a sample repo demonstrating the issue. Typically, it will help you trace out the issue yourself (I do this anytime I file a bug on someone's repo, and at least half the time I realize it was my own error). Plus, it makes my life a lot easier in tracking down the bug (if it actually exists). I'm sure we can get to the bottom of this. Everything you're trying to do is definitely possible in Restivus.

@m52go If switching the order of your params affected the response, there was something else going on there. That should have absolutely no effect.

henyana commented 9 years ago

Hi there,

I've just test the same thing, but got different output, I think the login is successful and return content html

<!DOCTYPE html>
<html>
<head>
<script type="text/javascript">__meteor_runtime_config__ = JSON.parse(decodeURIComponent("%7B%22meteorRelease%22%3A%22METEOR%401.2.0.2%22%2C%22PUBLIC_SETTINGS%22%3A%7B%7D%2C%22ROOT_URL%22%3A%22http%3A%2F%2Flocalhost%3A3000%2F%22%2C%22ROOT_URL_PATH_PREFIX%22%3A%22%22%2C%22appId%22%3A%2216bq4561oykr1i15jrxfi%22%2C%22autoupdateVersion%22%3A%226160b02291bfeb63daedd5f6c99b5ebaaca2d3d2%22%2C%22autoupdateVersionRefreshable%22%3A%22b3bddc728ae7a7f1d4f6551c7b32bf0fe429d929%22%2C%22autoupdateVersionCordova%22%3A%22none%22%7D"));</script>

  <script type="text/javascript" src="/packages/es5-shim.js?03b82f907286b5353e3a371eb320635a634fc88b"></script>
  <script type="text/javascript" src="/packages/underscore.js?46eaedbdeb6e71c82af1b16f51c7da4127d6f285"></script>
  <script type="text/javascript" src="/packages/meteor.js?9730f4ff059088b3f7f14c0672d155218a1802d4"></script>
  <script type="text/javascript" src="/packages/meteor-base.js?f0836ed3757e6217fff6e2710a1293407a6d9b09"></script>
  <script type="text/javascript" src="/packages/mobile-experience.js?674f55574f9947b91bb5f92f9ea9be098479b649"></script>
  <script type="text/javascript" src="/packages/random.js?f390084b611992ee4c5bd9d83b86877f3797289c"></script>
  <script type="text/javascript" src="/packages/base64.js?6b407c3b106cfc043cc07a07a111a2443d789bd4"></script>
  <script type="text/javascript" src="/packages/ejson.js?5e95dd4b5971d96cb2d3287c54b14d9002f83ab7"></script>
  <script type="text/javascript" src="/packages/id-map.js?c9a0833f370b91bbc3fd76d54f21d6ce1850af49"></script>
  <script type="text/javascript" src="/packages/ordered-dict.js?18a4254f3dd5f8c97946dadb60e33c91efab39c1"></script>
  <script type="text/javascript" src="/packages/tracker.js?7776276660c988c38fed448d8262b925dffb5bc3"></script>
  <script type="text/javascript" src="/packages/mongo-id.js?3c6c0f6ceace5f42b7dfee0fcafe19ae1b711909"></script>
  <script type="text/javascript" src="/packages/diff-sequence.js?f4337773c8aaf9bcaa5f5f22865660cbdd471eaa"></script>
  <script type="text/javascript" src="/packages/geojson-utils.js?bfbab9d995bbbb19fa1b11a3cfdb9da5f5f328ba"></script>
  <script type="text/javascript" src="/packages/minimongo.js?cdf1a26cf7719fa9471a8017c3defd5aea812727"></script>
  <script type="text/javascript" src="/packages/check.js?cfa4250d2aae369fa666098adc27266de8e26aea"></script>
  <script type="text/javascript" src="/packages/retry.js?acb5f93adc31a57311c18af4ce21068297f00f37"></script>
  <script type="text/javascript" src="/packages/ddp-common.js?407f25963eff34d975e0ca121f51d819c7c8d364"></script>
  <script type="text/javascript" src="/packages/reload.js?234f78ebae6ce49cbb0da4705afaec398706283b"></script>
  <script type="text/javascript" src="/packages/ddp-client.js?250b63e6c919c5383a0511ee4efbf42bb70a650f"></script>
  <script type="text/javascript" src="/packages/ddp.js?1c935134013739ed5ece46880dea800b6319bd67"></script>
  <script type="text/javascript" src="/packages/ddp-server.js?1057b33d71942bc01fd0167e2b2a5f49f5545d11"></script>
  <script type="text/javascript" src="/packages/mongo.js?5dcfbae63393ea63b330ea0c46d7b41eb1b4c3ae"></script>
  <script type="text/javascript" src="/packages/blaze-html-templates.js?31453f3129c01ec6fabaa5b791f6572e8c4464a2"></script>
  <script type="text/javascript" src="/packages/reactive-dict.js?e43655c138a9184c40228ef4dd2da3f65f1bd8bb"></script>
  <script type="text/javascript" src="/packages/session.js?9a40cf46e8dc125a3486dc33b2a965c1e9f8ff2b"></script>
  <script type="text/javascript" src="/packages/jquery.js?1015953f785c9b76503e2ecb391507dce965f357"></script>
  <script type="text/javascript" src="/packages/standard-minifiers.js?b02a7937678c6058031ee7b2f45b5a617518335d"></script>
  <script type="text/javascript" src="/packages/babel-compiler.js?b72b25550ee1619b0eaddf5e0c1541e8c264ccf0"></script>
  <script type="text/javascript" src="/packages/ecmascript.js?9c79b20dd3f3a6da85828defdd8585b8436af75d"></script>
  <script type="text/javascript" src="/packages/npm-bcrypt.js?339fbff12a6703226e44b2e1f9d42612d7f2d1e1"></script>
  <script type="text/javascript" src="/packages/rate-limit.js?1cbc4d8a96b20fbcf6376e96a09189bffb571050"></script>
  <script type="text/javascript" src="/packages/ddp-rate-limiter.js?57ec3ab3391710187844397b2105593ab2ad8e01"></script>
  <script type="text/javascript" src="/packages/localstorage.js?c9dab65641bca0463e02de20ea9d56feacf13aba"></script>
  <script type="text/javascript" src="/packages/callback-hook.js?f5eea425e2802257907f21606b9e996a7087dab7"></script>
  <script type="text/javascript" src="/packages/deps.js?a0f1fc18309813a3aac8954f76d0c73e4c5d46f4"></script>
  <script type="text/javascript" src="/packages/htmljs.js?fd1566f5a5a4b277eb93f0a636a84a07ab9a83db"></script>
  <script type="text/javascript" src="/packages/observe-sequence.js?cd318009bd759e1458173f84a537c5dd315b4f86"></script>
  <script type="text/javascript" src="/packages/reactive-var.js?975c4d5513ecf8c3a212b5aa160a9ea4447f3079"></script>
  <script type="text/javascript" src="/packages/blaze.js?9391df93ba5076c2cfc61ee68724eb79b65f00d9"></script>
  <script type="text/javascript" src="/packages/babel-runtime.js?b0359ff15b87202234ffb6a78f85b70175b412af"></script>
  <script type="text/javascript" src="/packages/promise.js?c18eac25a2117745aa5b372e139bae2fce4a84fe"></script>
  <script type="text/javascript" src="/packages/ecmascript-collections.js?f40db97e12a9f8e6be41cace4209f022d24ec40e"></script>
  <script type="text/javascript" src="/packages/accounts-base.js?37ee275552e2b0b0f518492f393eb55f395001ce"></script>
  <script type="text/javascript" src="/packages/sha.js?8d3df110f526e457248524a1acbdb13b6e05179c"></script>
  <script type="text/javascript" src="/packages/srp.js?efa91019a74800ae4a7521f5dca598e4b872bc0b"></script>
  <script type="text/javascript" src="/packages/accounts-password.js?6b77823b5615d402d0dd2cabb57afa1df3468e2f"></script>
  <script type="text/javascript" src="/packages/coffeescript.js?03cc719a379ebb957f4a66012a69a9aa8ebf9052"></script>
  <script type="text/javascript" src="/packages/simple_json-routes.js?73b786461dbaf78de4f92147f95c1cc244dbd1e0"></script>
  <script type="text/javascript" src="/packages/nimble_restivus.js?6ed6ece295a0f891005d833c794de7a0cf7ac5a7"></script>
  <script type="text/javascript" src="/packages/webapp.js?1b9f36d855fc5c8399abf2579ac1e1512060cc95"></script>
  <script type="text/javascript" src="/packages/livedata.js?93f27626c1702ea8af804d6170ffbf8968626718"></script>
  <script type="text/javascript" src="/packages/hot-code-push.js?3916ae26c3ca4928e61dc2da7e7b3f93e4164c0c"></script>
  <script type="text/javascript" src="/packages/spacebars.js?1aedcc2aa3ae9ff5d860d73516110cedd77c033e"></script>
  <script type="text/javascript" src="/packages/templating.js?142b64439619ddabba8ad16a798ed8349de73bae"></script>
  <script type="text/javascript" src="/packages/launch-screen.js?b50bb1bd905d2cc3d6182ee28c096df0cc24a725"></script>
  <script type="text/javascript" src="/packages/ui.js?6aa94fb4743be2472f799f928674607edae2afdf"></script>
  <script type="text/javascript" src="/packages/autoupdate.js?764e166739a4aeba204926326b786baa4292b65d"></script>
  <script type="text/javascript" src="/packages/global-imports.js?e5702925c4efa37bd5b126b490aa168df32c89cf"></script>
  <script type="text/javascript" src="/packages/service-configuration.js?4940b1e4138b53dafd1a46ae719ad64bec87e957"></script>

</head>
<body>

</body>
</html>

Can you tell me why?

Here is my METEOR@1.2.0.2 packages

meteor-base             # Packages every Meteor app needs to have
mobile-experience       # Packages for a great mobile UX
mongo                   # The database Meteor supports right now
blaze-html-templates    # Compile .html files into Meteor Blaze views
session                 # Client-side reactive dictionary for your app
jquery                  # Helpful client-side library
tracker                 # Meteor's client-side reactive programming library

standard-minifiers      # JS/CSS minifiers run for production mode
es5-shim                # ECMAScript 5 compatibility for older browsers.
ecmascript              # Enable ECMAScript2015+ syntax in app code

accounts-password
nimble:restivus
henyana commented 9 years ago

Dear all,

I've just resolved my problem. The issue reproduce from the Windows Powershell and it seem that is the problem when using curl.

So dont use Windows Powershell when you using curl, just use cmd.

But if you still want to use Windows Powershell, Just follow this link http://stackoverflow.com/questions/28736666/curl-not-recognized-as-an-internal-or-external-command-operable-program-or-batc