401 for token request api
tguelcan opened this issue · 5 comments
When i ask for token secured requests, i get a 401 message. Even if I follow the instructions exactly.
I have set up the project again freshly. unfortunately that doesn't help either.
- node v8.9.4
- npm 5.6.0
{
"name": "rest-generator",
"version": "0.0.0",
"main": "src",
"private": true,
"scripts": {
"start": "node .",
"test": "jest",
"coverage": "npm test -- --coverage",
"postcoverage": "opn coverage/lcov-report/index.html",
"dev": "nodemon -i \"*.test.js\" .",
"prod": "cross-env NODE_ENV=production nodemon -i \"*.test.js\" -r dotenv-safe/config .",
"lint": "eslint src",
"docs": "apidoc -i src -o docs && apidoc-markdown -p docs -o DOCS.md",
"postdocs": "opn docs/index.html"
},
"jest": {
"testEnvironment": "node",
"setupTestFrameworkScriptFile": "<rootDir>/test/setup.js"
},
"devDependencies": {
"apidoc": "^0.17.6",
"apidoc-markdown": "^0.2.0",
"babel-eslint": "^8.0.1",
"babel-jest": "^20.0.3",
"cross-env": "^5.0.5",
"dotenv-safe": "^4.0.3",
"eslint": "^4.19.1",
"eslint-config-standard": "^11.0.0",
"eslint-plugin-import": "^2.11.0",
"eslint-plugin-node": "^6.0.1",
"eslint-plugin-promise": "^3.7.0",
"eslint-plugin-standard": "^3.1.0",
"jest-cli": "^20.0.4",
"mongodb-memory-server": "^1.7.3",
"nock": "^9.0.2",
"nodemon": "^1.10.2",
"opn-cli": "^3.1.0",
"sinon": "^4.0.1",
"supertest": "^3.0.0"
},
"dependencies": {
"babel-core": "^6.26.0",
"babel-plugin-transform-runtime": "^6.23.0",
"babel-preset-es2015": "^6.24.1",
"babel-preset-stage-1": "^6.24.1",
"babel-runtime": "^6.26.0",
"bcrypt": "^2.0.1",
"bluebird": "^3.5.1",
"body-parser": "^1.18.2",
"bodymen": "^1.0.3",
"compression": "^1.7.1",
"cors": "^2.8.4",
"express": "^4.16.2",
"jsonwebtoken": "^8.1.0",
"mongoose": "^5.1.0",
"mongoose-create-unique": "^0.4.4",
"mongoose-keywords": "^0.4.0",
"morgan": "^1.7.0",
"passport": "^0.4.0",
"passport-http": "^0.3.0",
"passport-http-bearer": "^1.0.1",
"passport-jwt": "^3.0.0",
"querymen": "^2.1.3",
"rand-token": "^0.4.0",
"request": "^2.83.0",
"request-promise": "^4.2.2"
}
}
after Basic Auth:
{
"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjVjMDU4NThkYTNkYmQxOGMzNmU0MGU5ZCIsImlhdCI6MTU0Mzg2ODE2NH0.eWxADiBrQx_xoQUhcZMRJvM26XmYfPOyV8bHMCiPzZA",
"user": {
"id": "5c05858da3dbd18c36e40e9d",
"name": "test",
"picture": "https://gravatar.com/avatar/b642b4217b34b1e8d3bd915fc65c4452?d=identicon",
"email": "test@test.com",
"createdAt": "2018-12-03T19:35:41.486Z"
}
}
when i execute the curl command (or over postman) now i get the following message
curl -X POST http://0.0.0.0:9000/articles -i -d "title=Awesome Article&content=Yeah Baby&access_token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjVjMDU4NThkYTNkYmQxOGMzNmU0MGU5ZCIsImlhdCI6MTU0Mzg2ODE2NH0.eWxADiBrQx_xoQUhcZMRJvM26XmYfPOyV8bHMCiPzZA"
HTTP/1.1 401 Unauthorized X-Powered-By: Express Access-Control-Allow-Origin: * Date: Mon, 03 Dec 2018 20:19:44 GMT Connection: keep-alive Transfer-Encoding: chunked
Hi @tguelcan.
Could you please put together the code of src/api/article/index.js
and src/api/article/controller.js
?
Hi @diegohaz
// src/api/article/index.js
import { Router } from 'express'
import { middleware as query } from 'querymen'
import { middleware as body } from 'bodymen'
import { token } from '../../services/passport'
import { create, index, show, update, destroy } from './controller'
import { schema } from './model'
export Article, { schema } from './model'
const router = new Router()
const { title, content } = schema.tree
/**
* @api {post} /articles Create article
* @apiName CreateArticle
* @apiGroup Article
* @apiPermission user
* @apiParam {String} access_token user access token.
* @apiParam title Article's title.
* @apiParam content Article's content.
* @apiSuccess {Object} article Article's data.
* @apiError {Object} 400 Some parameters may contain invalid values.
* @apiError 404 Article not found.
* @apiError 401 user access only.
*/
router.post('/',
token({ required: true }),
body({ title, content }),
create)
/**
* @api {get} /articles Retrieve articles
* @apiName RetrieveArticles
* @apiGroup Article
* @apiUse listParams
* @apiSuccess {Number} count Total amount of articles.
* @apiSuccess {Object[]} rows List of articles.
* @apiError {Object} 400 Some parameters may contain invalid values.
*/
router.get('/',
query(),
index)
/**
* @api {get} /articles/:id Retrieve article
* @apiName RetrieveArticle
* @apiGroup Article
* @apiSuccess {Object} article Article's data.
* @apiError {Object} 400 Some parameters may contain invalid values.
* @apiError 404 Article not found.
*/
router.get('/:id',
show)
/**
* @api {put} /articles/:id Update article
* @apiName UpdateArticle
* @apiGroup Article
* @apiParam title Article's title.
* @apiParam content Article's content.
* @apiSuccess {Object} article Article's data.
* @apiError {Object} 400 Some parameters may contain invalid values.
* @apiError 404 Article not found.
*/
router.put('/:id',
body({ title, content }),
update)
/**
* @api {delete} /articles/:id Delete article
* @apiName DeleteArticle
* @apiGroup Article
* @apiSuccess (Success 204) 204 No Content.
* @apiError 404 Article not found.
*/
router.delete('/:id',
destroy)
export default router
// src/api/article/controller.js
import { success, notFound } from '../../services/response/'
import { Article } from '.'
export const create = ({ bodymen: { body } }, res, next) =>
Article.create(body)
.then((article) => article.view(true))
.then(success(res, 201))
.catch(next)
export const index = ({ querymen: { query, select, cursor } }, res, next) =>
Article.count(query)
.then(count => Article.find(query, select, cursor)
.then((articles) => ({
count,
rows: articles.map((article) => article.view())
}))
)
.then(success(res))
.catch(next)
export const show = ({ params }, res, next) =>
Article.findById(params.id)
.then(notFound(res))
.then((article) => article ? article.view() : null)
.then(success(res))
.catch(next)
export const update = ({ bodymen: { body }, params }, res, next) =>
Article.findById(params.id)
.then(notFound(res))
.then((article) => article ? Object.assign(article, body).save() : null)
.then((article) => article ? article.view(true) : null)
.then(success(res))
.catch(next)
export const destroy = ({ params }, res, next) =>
Article.findById(params.id)
.then(notFound(res))
.then((article) => article ? article.remove() : null)
.then(success(res, 204))
.catch(next)
its the generated code
Found it
User.findById(id).then((user) => { ...
should be
User.findOne({id: id}).then((user) => { ...
That's really weird. findById
should work.
Anyway, did it solve your problem?
I get the message
(node:45157) DeprecationWarning: collection.ensureIndex is deprecated. Use createIndexes instead.
and
mongoose.set('useCreateIndex', true);
fixes the message for now but the index behavior is changing.
id (not _id) is specified in the model as index and this contradicts itself strangely enough.
But in detail I can't say more either
this was also the core problem because findById
always searches for _id in default
solved