Calling /auth/session with authorization header is returning unauthorized #194

Open
webnoob opened this issue Dec 12, 2017 · 1 comment

webnoob commented Dec 12, 2017

Using Postman, I'm POSTing to http://localhost:4000/auth/[email protected]&password=test which returns a valid password and token

{
    "issued": 1513064134060,
    "expires": 1513150534060,
    "provider": "local",
    "ip": "::1",
    "token": "therientortackledgedeati",
    "password": "a76e3a98845b67f533f25070502a12cca1c97163",
    "user_id": "[email protected]",
    "roles": [
        "user"
    ],
    "userDBs": {
        "msp": "https://therientortackledgedeati:[email protected]/msp$test(40)test(2e)com"
    },
    "profile": {
        "companyName": "test",
        "firstName": "test",
        "lastName": "test"
    }
}

I then make a GET request to http://localhost:4000/auth/session setting the Authorization Bearer Token to therientortackledgedeati:a76e3a98845b67f533f25070502a12cca1c97163 but I get the response unauthorized.

What am I doing wrong? From what I can see my example is in line with the demo example in the docs.

My server file is like so:

var express = require('express');
var http = require('http');
var bodyParser = require('body-parser');
var logger = require('morgan');
var cors = require('cors');
var path = require('path');
var SuperLogin = require('superlogin');
const superloginConfig = require('./superloginClient');
var superlogin = new SuperLogin(superloginConfig);
const routes = require('./routes');

var app = express();
app.set('port', process.env.PORT || 4000);
app.use(logger('dev'));
app.use(bodyParser.json({limit: '50mb'}));
app.use(bodyParser.urlencoded({limit: '50mb', extended: true}));
app.use(cors());

app.use('/auth', superlogin.router);
app.use('/api', routes)

app.use(function(req, res, next) {
  res.header("Access-Control-Allow-Origin", "*");
  res.header('Access-Control-Allow-Methods', 'DELETE, PUT');
  res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
  next();
});

app.listen(app.get('port'));
console.log("App listening on " + app.get('port'));

and my config

module.exports = {
  dbServer: {
    protocol: 'https://',
    host: 'test.cloudant.com',
    user: 'test',
    password: 'test',
    cloudant: true,
    userDB: 'sl-users'
  },
  mailer: {
    fromEmail: '',
    options: {
      host: '',
      port: '25',
      auth: {
        user: '',
        pass: ''
      }
    }
  },
  userDBs: {
    defaultDBs: {
      private: ['msp']
    },
    model: {
      _default: {
        permissions: ['_reader', '_replicator', '_writer']
      }
    }
  }
}

webnoob commented Dec 12, 2017

Ok, I've found out what was causing this but still not sure why.

I actually had this in another area of code in my node server app:

const superloginConfig = require('../superloginClient');
var SuperLogin = require('superlogin');
var superlogin = new SuperLogin(superloginConfig);

It wasn't being used, but it seems that including it again was causing the unauthorized message.

What would cause this to happen?
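
Added example, not part of the original thread and not SuperLogin's code: a simplified model of one way a second, unused auth instance can produce the `unauthorized` response described above. It assumes each instance keeps its sessions in its own in-memory store and registers its bearer check under a fixed name in a process-wide registry; `AuthInstance`, `sharedStrategies`, `checkSession` and `runScenario` are hypothetical names, and the token and password are constructed.

```javascript
// Simplified model, NOT SuperLogin's source. Assumptions: each auth instance
// keeps issued sessions in its own in-memory Map, and registers its bearer
// verifier in one process-wide registry under a fixed name.
const sharedStrategies = new Map(); // hypothetical stand-in for a singleton registry

class AuthInstance {
  constructor(label) {
    this.label = label;
    this.sessions = new Map(); // per-instance session store
    // Registering under the same name replaces any earlier instance's verifier.
    sharedStrategies.set('bearer', (token, password) => {
      const s = this.sessions.get(token);
      return Boolean(s && s.password === password && s.expires > Date.now());
    });
  }

  // Issue a session and return the "token:password" credential for the header.
  login(token, password, ttlMs) {
    this.sessions.set(token, { password, expires: Date.now() + ttlMs });
    return `${token}:${password}`;
  }
}

// Parse "Bearer token:password" and run whichever verifier is registered now.
function checkSession(authorizationHeader) {
  const m = /^Bearer ([^:\s]+):(\S+)$/.exec(authorizationHeader || '');
  if (!m) return 401;
  const verify = sharedStrategies.get('bearer');
  return verify && verify(m[1], m[2]) ? 200 : 401;
}

// Log in through the routed instance, optionally after an unused duplicate
// has been constructed, then check the session with the issued credential.
function runScenario(createSecondInstance) {
  sharedStrategies.clear();
  const routed = new AuthInstance('mounted on /auth');
  if (createSecondInstance) new AuthInstance('unused duplicate');
  const cred = routed.login('constructed-token', 'constructed-password', 60000);
  return checkSession(`Bearer ${cred}`);
}

console.log('single instance:', runScenario(false));
console.log('with duplicate :', runScenario(true));
```

Under this model, constructing the instance once in its own module and requiring that module wherever it is needed keeps the login route and the session check on the same store.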
