Models which extend AccessToken not generated and/or preserved in extended-User models for authentication

[4xle]

What type of issue are you creating?

• [x] Bug
• [x] Enhancement
• [x] Question

What version of this module are you using?

• [ ] 2.0.10 (Stable)
• [ ] 2.1.0-rc.n (2.1 Release Candidate n)
• [x] Other: listed as 2.3.1

Please add a description for your issue:

Frameworks: Ionic 4, Angular 6, Loopback 3

An application I am developing requires multiple user models which authenticate using an extended AccessToken model which leverages polymorphic relationships, noted here in the Loopback docs: https://loopback.io/doc/en/lb3/Authentication-authorization-and-permissions.html#access-control-with-multiple-user-models

Testing through the explorer demonstrates that I can generate and assign "MultiAccessTokens" to either user model, based on this repo: https://github.com/beeman/loopback-example-multiple-user-models

Bug: when attempting to authenticate via the generated API on the front end using the API, authentication appears hard-locked to the base AccessToken model, such that authenticating on an extended AccessToken model does not appear possible.

Question/Enhancement: is there a means by which this can be changed or specific code values which can be adjusted in the generated files to make this feasible? I've attempted to implement it overtop of the generated files without any success, suspect I'm missing a mechanism which enforces this.

[4xle]

Apparently, this behavior is affected by something in the server folder (model-config.js maybe?) for Loopback, as a retry to generate the models have included the missing model files. Still can't log in though, with this error.

"Error: Cannot call AccessToken.findById(). The findById method has not been setup. The PersistedModel has not been correctly attached to a DataSource! at throwNotAttached "

[4xle]

Turns out, with everything regenerated properly I can log in. But once the cookie sets values it seems to be unable to log in again. Can't hit any other API methods either, same error as above.

[4xle]

Closing as an unrelated solution was found. Turns out, when using MultiToken authentication code server.js specifically requires : app.use('auth', loopback.token({<modelNameHere>})); instead of the documented version without the 'auth' tag.