
I am developing an app with Adonis JS and I have a problem with authentication. I intend to use two authentication schemes for this app: basic and jwt. I set the authenticator field to jwt in the auth.js file:

'use strict'

module.exports = {
  /*
  |--------------------------------------------------------------------------
  | Authenticator
  |--------------------------------------------------------------------------
  |
  | Authentication is a combination of serializer and scheme with extra
  | config to define on how to authenticate a user.
  |
  | Available Schemes - basic, session, jwt, api
  | Available Serializers - lucid, database
  |
  */
  authenticator: 'jwt',

  /*
  |--------------------------------------------------------------------------
  | Session
  |--------------------------------------------------------------------------
  |
  | Session authenticator makes use of sessions to authenticate a user.
  | Session authentication is always persistent.
  |
  */
  session: {
    serializer: 'lucid',
    model: 'App/Models/User',
    scheme: 'session',
    uid: 'email',
    password: 'password'
  },

  /*
  |--------------------------------------------------------------------------
  | Basic Auth
  |--------------------------------------------------------------------------
  |
  | The basic auth authenticator uses basic auth header to authenticate a
  | user.
  |
  | NOTE:
  | This scheme is not persistent and users are supposed to pass
  | login credentials on each request.
  |
  */
  basic: {
    serializer: 'mongoose',
    model: 'App/Models/User',
    token: 'App/Models/Token',
    scheme: 'basic',
    uid: 'email',
    password: 'password'
  },

  /*
  |--------------------------------------------------------------------------
  | Jwt
  |--------------------------------------------------------------------------
  |
  | The jwt authenticator works by passing a jwt token on each HTTP request
  | via HTTP `Authorization` header.
  |
  */
  jwt: {
    serializer: 'mongoose',
    model: 'App/Models/User',
    token: 'App/Models/Token',
    scheme: 'jwt',
    uid: 'email',
    password: 'password',
    options: {
      secret: 'self::app.appKey'
    }
  },

  /*
  |--------------------------------------------------------------------------
  | Api
  |--------------------------------------------------------------------------
  |
  | The Api scheme makes use of API personal tokens to authenticate a user.
  |
  */
  api: {
    serializer: 'lucid',
    model: 'App/Models/User',
    scheme: 'api',
    uid: 'email',
    password: 'password'
  }
}

The routes are defined as follows:

'use strict'

const Route = use('Route')

Route.post('/login', 'UserController.login').middleware('auth:basic')
Route.post('/register', 'UserController.register')
// Route.post('/logout', 'UserController.logout').middleware('auth')
Route.get('/users/me', 'UserController.me').middleware('auth')

As you can see, /login uses basic authentication and /me uses jwt.

The controller is this:

'use strict'

const User = use('App/Models/User')
const Logger = use('Logger')

class UserController {

  async login({ request, auth, response }) {
    const { email, password } = await auth.getUser()
    Logger.info(email, password)
    const { token } = await auth.attempt(email, password)
    response.status(200).send({ token })
  }

  async register({ request, auth, response }) {
    const { email, password, fullName } = request.post()
    const user = await User.create({ email, password, fullName })
    response.status(201).send('ok')
  }

  async me({ request, auth, response }) {
    response.status(200).send(auth.user)
  }

}

module.exports = UserController

When I do the test with Postman I get this error:

[Image: Error in Postman]

Apparently, even though the basic authentication works, when I try to get the user from the auth object, it tells me that there is no jwt. How can I solve this problem? The intention is for the login to generate the jwt for the other routes. Thank you.

Ernesto Rojas

1 Answer


You should pass "guest" in middleware to verify if the user is not authenticated

https://adonisjs.com/docs/4.1/authentication#_guest_middleware
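
The flow the question is aiming for (Basic credentials checked once on /login, a signed token returned, that token checked on the other routes), as an added framework-free Node.js example that is not code from the question, the answer or AdonisJS. The function names, the sample user and the in-memory store are hypothetical and constructed for illustration; note that a Basic header handed to the JWT check is rejected, which matches the "no jwt" symptom described in the question.

```javascript
// Added illustration in plain Node.js; not AdonisJS code. All names are hypothetical.
const crypto = require('crypto')

const SECRET = crypto.randomBytes(32) // stand-in for the app key used to sign tokens
const b64u = (v) => Buffer.from(v).toString('base64url')
const hashPw = (pw, salt) => crypto.scryptSync(pw, salt, 32)

// Constructed sample user store: only a salted hash is kept, never the plaintext.
const salt = crypto.randomBytes(16)
const users = new Map([['ana@example.test', { salt, hash: hashPw('s3cret-sample', salt) }]])

const sign = (data) => crypto.createHmac('sha256', SECRET).update(data).digest()

// "basic" scheme: validates `Authorization: Basic base64(uid:password)` on /login only.
function basicAuth (header) {
  const [scheme, value] = (header || '').split(' ')
  if (scheme !== 'Basic' || !value) return null
  const decoded = Buffer.from(value, 'base64').toString('utf8')
  const sep = decoded.indexOf(':') // the password itself may contain ':'
  if (sep < 0) return null
  const uid = decoded.slice(0, sep)
  const user = users.get(uid)
  if (!user) return null
  const ok = crypto.timingSafeEqual(hashPw(decoded.slice(sep + 1), user.salt), user.hash)
  return ok ? uid : null
}

// Login step: once Basic auth succeeded, issue a short-lived HS256 token for that user.
function issueJwt (uid, ttlSeconds = 900, now = Math.floor(Date.now() / 1000)) {
  const head = b64u(JSON.stringify({ alg: 'HS256', typ: 'JWT' }))
  const body = b64u(JSON.stringify({ sub: uid, iat: now, exp: now + ttlSeconds }))
  return `${head}.${body}.${b64u(sign(`${head}.${body}`))}`
}

// "jwt" scheme: every other route expects `Authorization: Bearer <token>`.
function jwtAuth (header, now = Math.floor(Date.now() / 1000)) {
  const [scheme, token] = (header || '').split(' ')
  const parts = (token || '').split('.')
  if (scheme !== 'Bearer' || parts.length !== 3) return null // a Basic header lands here
  const [head, body, sig] = parts
  const given = Buffer.from(sig, 'base64url')
  const expected = sign(`${head}.${body}`)
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) return null
  try {
    if (JSON.parse(Buffer.from(head, 'base64url')).alg !== 'HS256') return null
    const claims = JSON.parse(Buffer.from(body, 'base64url'))
    return claims.exp > now ? claims.sub : null
  } catch (e) { return null }
}
```

The password is only ever compared as a salted hash and never written to a log, and the token carries an expiry so a leaked token stops working on its own.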