gladius/firebase-spring-boot-rest-api-authentication

NullPointer when first time Session Login

cycorax12 opened this issue · 1 comments

cycorax12 commented

Code throws NPE when user Signs-In. I have enabled enableStrictServerSession.

java.lang.NullPointerException: null
at io.thepro.apiservice.security.SessionController.sessionLogin(SessionController.java:45) ~[classes/:an]

When users first logs in, sessionCookie is not present, and given enableStrictServerSession is true, as per https://github.com/gladius/firebase-spring-boot-rest-api-authentication/blob/master/src/main/java/io/thepro/apiservice/security/SecurityFilter.java decodedToken is not fetched from Request.

As a result, the user is null, and Authentication is not set into Context Holder.

gladius commented

@cycorax12 I have checked the server side session code and it seems to work as expected. I assume that, the session token is not set and sent properly to the server.

A few things to check to debug the cause,

  1. Due to browser security restrictions http://localhost won't work as such, Https and domain are required to develop and test session in your local machine, follow this post to setup domain with https in dev environment Local Domain names with SSL for local development applications
  2. Print all the http headers you receive from rest request, look into cookies to see if the token is present.