feathers-authentication 1.1.1 No auth token

[jiangts]

when sending a request to a service with the following hooks:

const auth = require('feathers-authentication');

const hooks = {
  before: {
    all: [auth.hooks.authenticate('jwt')]
  }
}

with the HTTP headers

authorization: <JWT STRING>

I get

error: (401) Route: /recordings - No auth token
info: NotAuthenticated: No auth token

I logged the headers on the server side, and indeed, there were none.
This was only fixed when I put this express middleware before my services ran:

  app.use(function(req, res, next) {
    console.log(req.headers)
    req.feathers.headers = req.headers;
    next();
  });

This is breaking functionality not mentioned in the migration guide. This middleware should either automatically be included or be put in the migration guide.

[jiangts]

upon further search, I'm finding
https://github.com/feathersjs/feathers-authentication/blob/master/src/express/expose-headers.js

So this looks like a bug? Or maybe I have an unexpected configuration.

[jiangts]

aha, I figured it out! When registering services, I registered the auth service last. So when calling any other service, the middleware for exposing headers was not yet registered. I think this is at least worth mentioning, as it could probably save others a bit of headache :)

[fss]

@jiangts you saved my day.

[Andreyco]

Gosh, experienced very same...
Given, it's called "service" I don't suppose order of registration matters. This never happened to me when similar package is called "middleware" - which is more common.

What a name can do :)

[marshallswain]

@Andreyco The problem is with the middleware that come bundled with the service and are registered implicitly when the plugin is configured. Also, services aren't middleware by another name. They don't really operate as middleware unless you chain a bunch of them together. Hooks, however, are multi-transport middleware.

I've added a note to the top and bottom of the Auth Server API docs that will hopefully prevent this for others.

[Andreyco]

@marshallswain Note is enough here, I think. Thanks ;)

[jasondonnette]

For me the order that's written up in the migration guide makes it fail.

https://github.com/feathersjs/feathers-authentication/blob/master/docs/migrating.md

Not working:

app
    .use('/users', memory())
    .configure(auth(app.get('authentication')))
    .configure(jwt())
    .configure(local())

Working:

app
    .configure(authentication(app.get('authentication')))
    .configure(jwt())
    .configure(local())
    .use('/users', service(options));

¯\_(ツ)_/¯

[marshallswain]

Ah. Thanks, @jasondonnette! I just fixed the order in the migration guide.