Reputation: 455
admin-on-rest / restClient : call a resource with no auth
I made a register page that use restClient to send a POST to /users api. But my problem is that the only way to send a POST is to be logged first as I receive this error log from the restClient :
'Could not find stored JWT and no authentication strategy was given'
Is there a way to desactivate the authentication middleware for a specific api call ?
// registerActions.js
import { CREATE } from 'admin-on-rest'
export const USER_REGISTER = 'AOR/USER_REGISTER'
export const USER_REGISTER_LOADING = 'AOR/USER_REGISTER_LOADING'
export const USER_REGISTER_FAILURE = 'AOR/USER_REGISTER_FAILURE'
export const USER_REGISTER_SUCCESS = 'AOR/USER_REGISTER_SUCCESS'
export const userRegister = (data, basePath) => ({
type: USER_REGISTER,
payload: { data: { email: data.username, ...data } },
meta: { resource: 'users', fetch: CREATE, auth: true },
})
//registerSaga.js
import { put, takeEvery, all } from 'redux-saga/effects'
import { push } from 'react-router-redux'
import { showNotification } from 'admin-on-rest'
import {
USER_REGISTER,
USER_REGISTER_LOADING,
USER_REGISTER_SUCCESS,
USER_REGISTER_FAILURE
} from './registerActions'
function* registerSuccess() {
yield put(showNotification('Register approved'))
yield put(push('/'))
}
function* registerFailure({ error }) {
yield put(showNotification('Error: register not approved', 'warning'))
console.error(error)
}
export default function* commentSaga() {
yield all([
takeEvery(USER_REGISTER_SUCCESS, registerSuccess),
takeEvery(USER_REGISTER_FAILURE, registerFailure),
])
}Upvotes: 0
Views: 349
Answers (2)
Reputation: 1283
You can also write a rest wrappper this will intercept the call for this particular case and bypass auth
So something like below
const restWrapper = requestHandler => (type, resource, params) => {
import { fetchUtils } from 'admin-on-rest';
if (type === 'CREATE' && resource === 'users') {
return fetchUtils.fetchJson(url, params)
.then((response) => {
const {json} = response;
return { data: json };
})
}
Eliminates the need of rewriting an entire Rest Client when you only want to override the default behaviour for a single case
Upvotes: 2
Reputation: 7066
You'll probably have to make your own feathers client and explicitly bypass the call to authenticate for this specific request
Upvotes: 2
Related Questions
- How to secure an REST API without login
- Authorizing REST resource access
- Creating a custom rest client admin-on-rest
- Authorizing access to resource in a REST API
- Using admin-on-rest with public routes
- Having problems making a call to RESTful api without authorization?
- Using GET method in RESTful API where authentication is required
- RestClient get with auth_token
- How do I do Rails Basic Authorization with RestClient?
- Force Restful Authentication to login as a specific user (an admin function)?