These are chat archives for waterlock/waterlock

9th
Sep 2015
ryd0rz
@ryd0rz
Sep 09 2015 22:09

Hey all, does setting "stateless: true" in the waterlock config still leverage sessions? I am seeing this code in the /lib/controllers/actions/jwt.js -

(function (exports, require, module, __filename, __dirname) { 'use strict';

/* global waterlock */

/**
 * jwt action
 *
 * creates a new token if a session is authenticated
 *
 * GET /user/jwt
 */
module.exports = function(req, res){
  if(!req.session.authenticated){
    return res.forbidden('You are not authorized.');
  }

... do rest of jwt token stuff

This appears to be checking if a session was authenticated before doing any JWT stuff...?

Also, I am not getting a token back when logging in to /auth/login ... is this expected behaviour?