Closed himanshusinghs closed 3 years ago
@himanshusinghs the strategy is tried and tested. I can see { session: false }
which a) i'm not sure what it does, b) the strategy requires session support.
@panva Thanks for your prompt reply. Appreciate it.
I have some clarifications to be presented.
a) session: false
is used to disable sessions, in case you are developing for a REST api which is the case for me. But even if I allow app to use session the problem stays the same.
b) I am not sure that it does. Because for Okta the strategy works fine with the configuration I posted above. It's failing for an OnTrack based provider.
This strategy is for end-user sign-in, not protecting APIs.
That I know and I am not using it in that way. Post login, tokens are generated and API guards are taken care of separately. My problem is exactly as I wrote in the original post. Verify callback not being invoked.
I was only hoping to get pointed out for something suspicious, like session: false
but unfortunately enabling that also doesn't work. I will continue my investigation on this but thanks a lot for your help. Will update the thread once I find something. :)
It's been a while, but did you find anything @himanshusinghs 😆
Description: Here's the code:
I am expecting the app to hang because I don't call the done in verify callback but it doesn't, instead I receive false as the value of strategyResponse which is unexpected. Is there anything that I might be missing out.
To Reproduce
Expected behaviour App above is supposed to hang up but it proceeds and ends the request with "Not authenticated" message
Environment: