500 Error for /api/users/<user hash id here> when clicking register button
Closed this issue · 5 comments
The "token - fail" line is a console.log() that I put in /app/server/routes/auth.js to determine where the user is not being pulled up.
router.post('/login',
function(req, res, next){
var email = req.body.email;
var password = req.body.password;
var token = req.body.token;
if (token) {
UserController.loginWithToken(token,
function(err, token, user){
if (err || !user) {
console.log("token - fail");
return res.status(400).send(err);
}
return res.json({
token: token,
user: user
});
});
} else {
UserController.loginWithPassword(email, password,
function(err, token, user){
if (err || !user) {
console.log("password - fail");
return res.status(400).send(err);
}
return res.json({
token: token,
user: user
});
});
}
This tells me there is something going wrong with authentication by token.
We ran into this issue as well when updating dependencies a couple days before HackMIT this past weekend. The JWT dependency has caused us a lot of headaches in the past, and it seems they're the culprit for this issue. Lock the jsonwebtoken
dependency to =5.0.4
in package.json
, and in app/server/models/User.js
, update the following function:
schema.statics.getByToken = function(token, callback){
jwt.verify(token, JWT_SECRET, function(err, id){
if (err) {
return callback(err);
}
this.findOne({_id: id}, callback);
}.bind(this));
};
Note: this doesn't seem to completely solve the problem, as there are some mysterious API issues that persist despite this change, but it should be sufficient to get up and running. Try these steps and let us know how it turns out for you. If you could submit a PR with your fixes that'd be great!
Note: I haven't tested these changes in this repository, which has diverged slightly from ours.
@turbomaze @jlin816 good to close?