Skip to content

fix: Only remove token on NotAuthenticated error in authentication client and handle error better #1525

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
daffl merged 2 commits into from
Aug 24, 2019
Merged

fix: Only remove token on NotAuthenticated error in authentication client and handle error better #1525

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
f0dbdc8
fix: Only remove token on NotAuthenticated error in authentication cl…
daffl Aug 24, 2019
26b6394
Improve test coverage, also handle 403
daffl Aug 24, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
47 changes: 26 additions & 21 deletions packages/authentication-client/src/core.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
import { NotAuthenticated } from '@feathersjs/errors';
import { NotAuthenticated, FeathersError } from '@feathersjs/errors';
import { Application } from '@feathersjs/feathers';
import { AuthenticationRequest, AuthenticationResult } from '@feathersjs/authentication';
import { Storage, StorageWrapper } from './storage';
Expand Down Expand Up @@ -118,6 +118,16 @@ export class AuthenticationClient {
return Promise.resolve(null);
}

handleError (error: FeathersError, type: 'authenticate'|'logout') {
if (error.code === 401 || error.code === 403) {
const promise = this.removeAccessToken().then(() => this.reset());

return type === 'logout' ? promise : promise.then(() => Promise.reject(error));
}

return Promise.reject(error);
}

reAuthenticate (force: boolean = false): Promise<AuthenticationResult> {
// Either returns the authentication state or
// tries to re-authenticate with the stored JWT and strategy
Expand All @@ -133,9 +143,7 @@ export class AuthenticationClient {
strategy: this.options.jwtStrategy,
accessToken
});
}).catch((error: Error) =>
this.removeAccessToken().then(() => Promise.reject(error))
);
});
}

return authPromise;
Expand All @@ -155,8 +163,8 @@ export class AuthenticationClient {
this.app.emit('authenticated', authResult);

return this.setAccessToken(accessToken).then(() => authResult);
}).catch((error: Error) =>
this.reset().then(() => Promise.reject(error))
}).catch((error: FeathersError) =>
this.handleError(error, 'authenticate')
);

this.app.set('authentication', promise);
Expand All @@ -166,20 +174,17 @@ export class AuthenticationClient {

logout () {
return Promise.resolve(this.app.get('authentication'))
.then(auth => {
if (!auth) {
return null;
}

return this.service.remove(null)
.then((authResult: AuthenticationResult) => this.removeAccessToken()
.then(() => this.reset())
.then(() => {
this.app.emit('logout', authResult);

return authResult;
})
);
});
.then(() => this.service.remove(null)
.then((authResult: AuthenticationResult) => this.removeAccessToken()
.then(() => this.reset())
.then(() => {
this.app.emit('logout', authResult);

return authResult;
})
))
.catch((error: FeathersError) =>
this.handleError(error, 'logout')
);
}
}
18 changes: 16 additions & 2 deletions packages/authentication-client/test/index.test.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@ import assert from 'assert';
import feathers, { Application } from '@feathersjs/feathers';

import client, { AuthenticationClient } from '../src';
import { NotAuthenticated } from '@feathersjs/errors';

describe('@feathersjs/authentication-client', () => {
const accessToken = 'testing';
Expand All @@ -15,7 +16,11 @@ describe('@feathersjs/authentication-client', () => {

app.configure(client());
app.use('/authentication', {
create (data) {
create (data: any) {
if (data.error) {
return Promise.reject(new Error('Did not work'));
}

return Promise.resolve({
accessToken,
data,
Expand All @@ -25,7 +30,7 @@ describe('@feathersjs/authentication-client', () => {

remove (id) {
if (!app.get('authentication')) {
throw new Error('Not logged in');
throw new NotAuthenticated('Not logged in');
}

return Promise.resolve({ id });
Expand Down Expand Up @@ -135,6 +140,15 @@ describe('@feathersjs/authentication-client', () => {
});
});

it('does not remove AccessToken on other errors', () => {
return app.authenticate({
strategy: 'testing'
}).then(() => app.authenticate({
strategy: 'testing'
})).then(() => app.authentication.getAccessToken())
.then(at => assert.strictEqual(at, accessToken));
});

it('logout when not logged in without error', async () => {
const result = await app.logout();

Expand Down