Reputation: 33
I am working with the AdonisJs framework to develop an authentication page for multiple users. This page is expected to let users view their profile only when they are authenticated. But Adonis is now sharing sessions between every user connected to the application. Thus, the profile is enabled for everyone once someone logs in.
'use strict'

class UserController {

  // Verify the submitted credentials and start an authenticated session.
  * login (request, response) {
    const email = request.input('email')
    const password = request.input('password')
    const login = yield request.auth.attempt(email, password)

    if (login) {
      response.send('Logged In Successfully')
      return
    }

    response.unauthorized('Invalid credentials')
  }

  // Return the user bound to the current session, if there is one.
  * profile (request, response) {
    const user = yield request.auth.getUser()

    if (user) {
      response.ok(user)
      return
    }

    response.unauthorized('You must login to view your profile')
  }

}

module.exports = UserController
The following is the config in config/auth.js:
'use strict'

const Config = use('Config')

module.exports = {

  /*
  |--------------------------------------------------------------------------
  | Authenticator
  |--------------------------------------------------------------------------
  |
  | Authenticator is a combination of HTTP Authentication scheme and the
  | serializer to be used for retrieving users. Below is the default
  | authenticator to be used for every request.
  |
  | Available Schemes - basic, session, jwt, api
  | Available Serializers - Lucid, Database
  |
  */
  authenticator: 'session',

  /*
  |--------------------------------------------------------------------------
  | Session Authenticator
  |--------------------------------------------------------------------------
  |
  | Session authenticator will make use of sessions to maintain the login
  | state for a given user.
  |
  */
  session: {
    serializer: 'Lucid',
    model: 'App/Model/User',
    scheme: 'session',
    uid: 'email',
    password: 'password'
  },

  /*
  |--------------------------------------------------------------------------
  | Basic Auth Authenticator
  |--------------------------------------------------------------------------
  |
  | Basic Authentication works on Http Basic auth header.
  |
  */
  basic: {
    serializer: 'Lucid',
    model: 'App/Model/User',
    scheme: 'basic',
    uid: 'email',
    password: 'password'
  },

  /*
  |--------------------------------------------------------------------------
  | JWT Authenticator
  |--------------------------------------------------------------------------
  |
  | Jwt authentication works with a payload sent with every request under
  | Http Authorization header.
  |
  */
  jwt: {
    serializer: 'Lucid',
    model: 'App/Model/User',
    scheme: 'jwt',
    uid: 'email',
    password: 'password',
    secret: Config.get('app.appKey')
  },

  /*
  |--------------------------------------------------------------------------
  | API Authenticator
  |--------------------------------------------------------------------------
  |
  | Api authenticator authenticates requests based on Authorization
  | header.
  |
  | Make sure to define relationships on User and Token model as defined
  | in documentation
  |
  */
  api: {
    serializer: 'Lucid',
    model: 'App/Model/Token',
    scheme: 'api'
  }

}
The following is config/database.js:
'use strict'

const Env = use('Env')
const Helpers = use('Helpers')

module.exports = {

  /*
  |--------------------------------------------------------------------------
  | Default Connection
  |--------------------------------------------------------------------------
  |
  | Connection defines the default connection settings to be used while
  | interacting with SQL databases.
  |
  */
  connection: Env.get('DB_CONNECTION', 'pg'),

  /*
  |--------------------------------------------------------------------------
  | Sqlite
  |--------------------------------------------------------------------------
  |
  | Sqlite is a flat file database and can be good choice under development
  | environment.
  |
  | npm i --save sqlite3
  |
  */
  sqlite: {
    client: 'sqlite3',
    connection: {
      filename: Helpers.databasePath('development.sqlite')
    },
    useNullAsDefault: true
  },

  /*
  |--------------------------------------------------------------------------
  | MySQL
  |--------------------------------------------------------------------------
  |
  | Here we define connection settings for MySQL database.
  |
  | npm i --save mysql
  |
  */
  mysql: {
    client: 'mysql',
    connection: {
      host: Env.get('DB_HOST', 'localhost'),
      user: Env.get('DB_USER', 'root'),
      password: Env.get('DB_PASSWORD', ''),
      database: Env.get('DB_DATABASE', 'adonis')
    }
  },

  /*
  |--------------------------------------------------------------------------
  | PostgreSQL
  |--------------------------------------------------------------------------
  |
  | Here we define connection settings for PostgreSQL database.
  |
  | npm i --save pg
  |
  */
  pg: {
    client: 'pg',
    connection: {
      host: Env.get('DB_HOST', 'localhost'),
      user: Env.get('DB_USER', 'correctuser'),
      password: Env.get('DB_PASSWORD', 'correctpassword'),
      database: Env.get('DB_DATABASE', 'correctdb')
    }
  }

}
Upvotes: 0
Views: 1800
Reputation: 885
This was a bug in Adonis 3.0.3; you should upgrade Adonis to the latest version (3.0.6 at the moment).
Upvotes: 1
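A regression check for the symptom described in this thread, added here as an example; it is not code from the question, the answer, or AdonisJs, and it does not claim to reproduce the cause of the 3.0.3 bug. It models login state held process-wide next to login state keyed by a session cookie, then probes both with two separate cookie jars. All function names, the request/response shapes and the sample account are assumptions made for the illustration.

```javascript
'use strict'
// Added example: models the symptom only. NOT AdonisJs code; names are hypothetical.
const crypto = require('crypto')

// Constructed sample account for the illustration.
const USERS = { 'alice@example.test': 'correct horse' }

// Broken model: login state lives in one process-wide variable.
function makeSharedStateApp () {
  let currentUser = null
  return {
    login (req) {
      if (USERS[req.body.email] !== req.body.password) return { status: 401 }
      currentUser = req.body.email
      return { status: 200 }
    },
    profile () {
      return currentUser ? { status: 200, body: currentUser } : { status: 401 }
    }
  }
}

// Isolated model: login state is keyed by an unguessable session id cookie.
function makeIsolatedApp () {
  const sessions = new Map()
  return {
    login (req) {
      if (USERS[req.body.email] !== req.body.password) return { status: 401 }
      const sid = crypto.randomBytes(16).toString('hex')
      sessions.set(sid, req.body.email)
      return { status: 200, setCookie: sid }
    },
    profile (req) {
      const user = sessions.get(req.cookie)
      return user ? { status: 200, body: user } : { status: 401 }
    }
  }
}

// Two clients with separate cookie jars: A logs in, B never does.
function checkIsolation (app) {
  const body = { email: 'alice@example.test', password: 'correct horse' }
  const [jarA, jarB] = [{}, {}]
  const login = app.login({ cookie: jarA.sid, body })
  if (login.setCookie) jarA.sid = login.setCookie
  return {
    ownerStatus: app.profile({ cookie: jarA.sid }).status,
    strangerStatus: app.profile({ cookie: jarB.sid }).status
  }
}
```

The same two-jar probe can be run against the real application after upgrading: the client that never logged in must receive 401 from the profile route.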