Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
    Aaron Heesakkers
    @aars
    (I did that this afternoon, but implemented bearer-auth from the get-go, I might have messed something up there, but I’m pretty sure I didn’t touch any of this stuff)
    Brian Gulotta
    @bgulotta
    are you saying your server is crashing and you are not able to issue anymore requests?
    Invalid Username or Password message should probably be getting sent back with the servers error response to the caller.
    Aaron Heesakkers
    @aars
    Meh, server not really crashing though. I can keep sending requests… But that error shouldn’t be there. In passport/lib/authenticator.js it should reach the point where this error is thrown:
        // serializers use 'pass' as an error to skip processing
        if ('pass' === err) {
          err = undefined;
        }
        // an error or serialized object was obtained, done
        if (err || obj || obj === 0) { return done(err, obj); }
    
        var layer = stack[i];
        if (!layer) {
          return done(new Error('Failed to serialize user into session'));
        }
    Brian Gulotta
    @bgulotta
    ill see if i can't get this scenario added to a unit test in sails-auth so we can see what needs to be refactored so that it doesn't get that far in the passport protocol
    Aaron Heesakkers
    @aars
    Recreated the issue from scratch by doing this:
    sails new permissions-test --no-frontend
    npm install sails-postgresql
    // configure postgresql connection
    // use postgresql connection in config/models.js
    npm install sails-permissions
    // add sails-permissions generator to .sailsrc
    sails generate permissions-api
    // configure default config/policies.js
    sails lift
    // set autoCreatedBy: true in sails-permissions/models/Permission.js to fix "error: column permission.createdBy does not exist"
    sails lift
    
    
    curl -H "Content-Type: application/json" -d '{"identifier":"notadmin","password":"admin1234"}' http://localhost:1337/auth/local
    Results in the same error, posting it again to be complete:
    warn: Error: Failed to serialize user into session
        at pass (/Users/aaronh/dev/RIP/permissions-test/node_modules/sails-auth/node_modules/passport/lib/authenticator.js:277:19)
        at serialized (/Users/aaronh/dev/RIP/permissions-test/node_modules/sails-auth/node_modules/passport/lib/authenticator.js:282:7)
        at /Users/aaronh/dev/RIP/permissions-test/node_modules/sails-auth/api/services/passport.js:354:3
        at pass (/Users/aaronh/dev/RIP/permissions-test/node_modules/sails-auth/node_modules/passport/lib/authenticator.js:290:9)
        at Authenticator.serializeUser (/Users/aaronh/dev/RIP/permissions-test/node_modules/sails-auth/node_modules/passport/lib/authenticator.js:295:5)
        at IncomingMessage.req.login.req.logIn (/Users/aaronh/dev/RIP/permissions-test/node_modules/sails-auth/node_modules/passport/lib/http/request.js:48:29)
        at /Users/aaronh/dev/RIP/permissions-test/node_modules/sails-auth/api/controllers/AuthController.js:98:11
        at allFailed (/Users/aaronh/dev/RIP/permissions-test/node_modules/sails-auth/node_modules/passport/lib/middleware/authenticate.js:87:18)
        at attempt (/Users/aaronh/dev/RIP/permissions-test/node_modules/sails-auth/node_modules/passport/lib/middleware/authenticate.js:160:28)
        at Strategy.strategy.fail (/Users/aaronh/dev/RIP/permissions-test/node_modules/sails-auth/node_modules/passport/lib/middleware/authenticate.js:277:9)
        at verified (/Users/aaronh/dev/RIP/permissions-test/node_modules/sails-auth/node_modules/passport-local/lib/strategy.js:82:30)
        at /Users/aaronh/dev/RIP/permissions-test/node_modules/sails-auth/api/services/protocols/local.js:149:14
        at returnResults (/Users/aaronh/.nvm/versions/node/v0.12.0/lib/node_modules/sails/node_modules/waterline/lib/waterline/query/finders/basic.js:143:29)
        at /Users/aaronh/.nvm/versions/node/v0.12.0/lib/node_modules/sails/node_modules/waterline/lib/waterline/query/finders/basic.js:74:16
        at /Users/aaronh/.nvm/versions/node/v0.12.0/lib/node_modules/sails/node_modules/waterline/lib/waterline/query/finders/operations.js:77:45
        at bound (/Users/aaronh/.nvm/versions/node/v0.12.0/lib/node_modules/sails/node_modules/lodash/dist/lodash.js:957:21)
        at applyInOriginalCtx (/Users/aaronh/.nvm/versions/node/v0.12.0/lib/node_modules/sails/node_modules/waterline/lib/waterline/utils/normalize.js:416:80)
        at wrappedCallback (/Users/aaronh/.nvm/versions/node/v0.12.0/lib/node_modules/sails/node_modules/waterline/lib/waterline/utils/normalize.js:315:18)
        at callback.success (/Users/aaronh/.nvm/versions/node/v0.12.0/lib/node_modules/sails/node_modules/waterline/node_modules/switchback/lib/normalize.js:33:31)
        at _switch (/Users/aaronh/.nvm/versions/node/v0.12.0/lib/node_modules/sails/node_modules/waterline/node_modules/switchback/lib/factory.js:48:28)
        at /Users/aaronh/.nvm/versions/node/v0.12.0/lib/node_modules/sails/node_modules/waterline/lib/waterline/adapter/dql.js:163:36
        at bound (/Users/aaronh/.nvm/versions/node/v0.12.0/lib/node_modules/sails/node_modules/lodash/dist/lodash.js:957:21) [Error: Failed to serialize user into session]
    warn: undefined
    warn: Error.Passport.Username.NotFound
    error: Sending empty 500 ("Server Error") response
    Aaron Heesakkers
    @aars
    I’m giving up for today… My other setup, built wilt sails-generate-auth seems to use the same versions of passport and passport-local, but doesn’t have this issue. I’m struggling to find the difference, I can’t even find whoever is (or should) call passport.serializeUser right now… I can no longer brain today. I have the dumb.
    Thanks though! Cheers!
    Brian Gulotta
    @bgulotta
    ha
    see ya
    Brian Gulotta
    @bgulotta
    k. i've got that issue fixed
    let me submit a PR to get the changes merged into sails-auth
    Brian Gulotta
    @bgulotta
    alrighty pull request is submitted with that fix
    as soon as tjwebb accepts and pushes the new version to npm you won't see that passport error on your server
    it will also return a more correct status code of 400
    instead of 500
    Aaron Heesakkers
    @aars
    That’s awesome! Will check it out after my coffee and stuff.
    Aaron Heesakkers
    @aars
    Mmm.. any good reason why getGravatarUrl is part of sails-auth? Seems mighty unrelated.
    Brian Gulotta
    @bgulotta
    not sure probably just to give a consistent way to show a users image within an application
    just updated that error code to return 403
    Aaron Heesakkers
    @aars
    Great. Thanks. Your PR was the last piece of the puzzle for me! Thanks for that.
    Brian Gulotta
    @bgulotta
    np. i'm planning on using both of these libraries in an api i'm working on as well
    want to make sure they are solid
    reproduce any issues with unit tests and then fix them
    Aaron Heesakkers
    @aars
    I’ll try to contribute, but my main goal is actually building this backend :) I’m forked sails-auth and are modifying it, since I though it was odd to override large parts of the AuthController for example. I’m not using a frontend on sails, so I have no use for redirects for example.
    And I also need to generate and return a bearer token after successfull local auth. That kind of stuff. As soon as I have a good overview of what I’m doing and the codebase I’m working in I’ll try to set it up as modular as possible.
    Brian Gulotta
    @bgulotta
    cool
    yeah i'm not using the sails for a front-end either
    Aaron Heesakkers
    @aars
    I have a sneaking suspicion that the passport protocol extensions in api/services/protocols/ don’t do anything/are useless. Since sails-auth requires them from it’s own subdir, there is nobody/nocode that requires the ‘extensions’ that are dropped in your project dir.
    I think it might be better to have a generate script that places a lot of these requirements in your project dir, most obvious example would be the AuthController. This would also encourage people to modify it to their own needs in a better way.. since now you either have to override some pretty specific flow (the redirects, the use of req.flash) in your subclass, or dive into your node_modules breaking easy dependencies.
    Aaron Heesakkers
    @aars
    Here are my current changes, by far useable for anybody else, got my own BearerToken model stuck in there (protocols/local.js). Will find a way to clean this up soon. https://github.com/aars/sails-auth/commits/master
    AuthController is probably a better place for creating that BearerToken.
    Or maybe some magic within passportjs? Somehow generate a token, store it in a common/good place and add it to the found user, but that last part is again custom code.
    Aaron Heesakkers
    @aars
    Gurrr… passport is trying to authenticate whenever I post a to-be-created user to my /users endpoints.. Hahaha.. ugh...
    I’m done with code for today. Time to break open this iMac and install some SSD sweetness. Cheers all! Thanks.
    Brian Gulotta
    @bgulotta
    SSD is goooooooooo
    d
    Aaron Heesakkers
    @aars
    Yeah, especially when running two node projects that both watch soo freaking many files :)
    Brian Gulotta
    @bgulotta
    using nodemon?
    Aaron Heesakkers
    @aars
    Yeah, at least one. There might be some grunt watching task as well.
    Poor machines doesn't handle it well.
    Aaron Heesakkers
    @aars
    That was one hell of an exercise! :D But it's in!
    Brian Gulotta
    @bgulotta
    everything nice and snappy now?
    Aaron Heesakkers
    @aars
    Still installing.
    Aaron Heesakkers
    @aars
    Because you really wanted to know: Yeah. Nice and snappy. I had never done any node work on a non-ssd, and I hope no-one ever should :)
    Travis Webb
    @tjwebb
    I've got two ssds in raid 0 in my laptop. I basically have 500gb of ram :)
    Aaron Heesakkers
    @aars
    Nice. No need for a .nodemonignore file then :)