Even if the parameter is not jwt, it is connected.

Question

Even if the parameter is not jwt, it is connected.

Closed this issue 6 years ago · 2 comments

polyglotm commented 6 years ago

Hi everyone.
First of all I'm really appreciate this library.

when jwt is wrong it's working great.

But The situation is when input just string or something it does not prevent.

Is there any solution?

Answer 1 · 2018-11-15T11:42:18.000Z

set EMQX_ALLOW_ANONYMOUS: 'false'

Answer 2 · 2018-11-19T13:12:20.000Z

thanks, @andares

and left some tip for docker user.

add this code in your start.sh before dockerize

if [[ -z "$EMQ_MQTT__ALLOW_ANONYMOUS" ]]; then
    export EMQ_MQTT__ALLOW_ANONYMOUS="false"
fi

if [[ -z "$EMQ_LOADED_PLUGINS" ]]; then
    export EMQ_LOADED_PLUGINS="emq_recon,emq_modules,emq_retainer,emq_dashboard,emq_auth_jwt"
fi

if [[ -z "$EMQ_AUTH__JWT__SECRET" ]]; then
    export EMQ_AUTH__JWT__SECRET=some_secret
fi