search

rluders / wn-jwtauth-plugin

JWTAuth Plugin for WinterCMS
GNU General Public License v3.0
29 stars 28 forks source link

API get user #1

Closed chrisvidal closed 5 years ago

chrisvidal commented 5 years ago

Hi I am doing some testing using the Postman collection. I managed to login. When I am trying to get the user with /api/auth/me in postman I got an exception, even if I set the header as documented (Authorization and Bearer token)

<p class="lead">We're sorry, but an unhandled error occurred. Please see the details below.</p>
            <div class="exception-name-block">
                <div>Token not provided</div>
                <p>/Users/christophevidal/Sites/oc-vodka/plugins/rluders/jwtauth/vendor/tymon/jwt-auth/src/Http/Middleware/BaseMiddleware.php 
                    <span>line</span> 52
                </p>
rluders commented 5 years ago

Hey @chrisvidal

image

Are you replacing the put-yout-jwt-token-here (ops, typo) by your user auth token?

Can you provide me more informations about the steps that you are following? Something to reproduce the error, like:

  1. Login
  2. Get user auth token
  3. ....

Thanks.

chrisvidal commented 5 years ago

Thanks for your answer Yes I do a simple login with email then copy/paste the token within the Get User request

Login

screenshot 2018-09-18 22 03 45

Get user

screenshot 2018-09-18 22 04 39

thanks for your help

rluders commented 5 years ago

@chrisvidal amazing details. Thank you, I'll check what is happening.

chrisvidal commented 5 years ago

Did you manage to explore the problem on your side?

rluders commented 5 years ago

Hey, @chrisvidal

Not yet, but I'll probably do it during the weekend.

chrisvidal commented 5 years ago

any updates on your side? Did you manage to have look?

thanks

rluders commented 5 years ago

@chrisvidal Not yet. I was unable to simulate the issue, so far. But, since I was in vacation last week, I don't had the time to dig on it. Right now, I'm setting up an new and clean enviorement to trying to reproduce the issue on an new installation.

rluders commented 5 years ago

Issue confirmed.

Update: The issue also affect the endpoint to refresh token.

rluders commented 5 years ago

@chrisvidal the issue related to the /me endpoint is now fixed. We still having the issue with the /refresh-token endpoint.

chrisvidal commented 5 years ago

that's awesome! Let me refresh the plugin through OC backend and test. Thanks

jeffreygu commented 5 years ago

Hi @chrisvidal and @rluders , do you get the bug fixed with new release 1.2.3? I still can get the issue with same steps as you. I checked the patch, it seems the changes are not be triggered between user login and call /me endpoint.

rluders commented 5 years ago

@jeffreygu It was working for me, but maybe I missed something. I'm accepting pull requests to fix this issue.

jeffreygu commented 5 years ago

Hi @rluders , it's a apache server configuration issue, which is mentioned in https://github.com/tymondesigns/jwt-auth/wiki/Authentication. It works after I add below config items in .htaccess.

RewriteCond %{HTTP:Authorization} ^(.) RewriteRule . - [e=HTTP_AUTHORIZATION:%1]

rluders commented 5 years ago

@jeffreygu great, good to know, maybe we need to add this information to README.md. If you want to do that, I'll accept your pull request.