Authentication to Featherjs using socket.io-client - node.js

How can I authenticate to Feathersjs (https://docs.feathersjs.com/api/client/socketio.html#authentication) using Direct Connection (https://docs.feathersjs.com/api/client/socketio.html#direct-connection)? The following code says that my accessToken is malformed, but I suspect there's more than that to get it working. Where do I fetch an accessToken?
app.js (client):
import express from 'express';
const socket = require('socket.io-client')('http://localhost:3030', {
transports: ['websocket']
});
socket.emit('authenticate', {
strategy: 'jwt',
accessToken: 'what to enter here'
}, (message: any, data: any) => {
console.log(message);
console.log(data);
});
const app = express();
app.get('/', (req, res) => res.send('Up and running!'));
app.listen(4390, () => console.log('Example app listening on port 4390!'));
authentication.js (feathers server)
const authentication = require('#feathersjs/authentication');
const jwt = require('#feathersjs/authentication-jwt');
const local = require('#feathersjs/authentication-local');
module.exports = function (app) {
const config = app.get('authentication');
// Set up authentication with the secret
app.configure(authentication(config));
app.configure(jwt());
app.configure(local());
app.service('authentication').hooks({
before: {
create: [
authentication.hooks.authenticate(config.strategies),
],
remove: [
authentication.hooks.authenticate('jwt')
]
}
});
};
I tried using the secret as an accessToken but it didnt work :)
default.json (feathers server config)
"authentication": {
"secret": "r323r32rada86700f18d82ea1d3e74fb58141dbefcd7460ef71736759265e347151a12d68dff50aa59c05e2f18db88661be8ae91a3f12932fddea8891b5ca9f63b5e4fc650edabc59d0d14e8fe4ea54256e7e386845321ab58a320a9ec99438bd058a3fbbda65dadf97bc9585ea82f72201f932beqwdqwdqwd5761a0d0be3e95474db5b9c8a3f4c7303beed0344a1768ba5dad6a1c916d183ea5dd923587768661ff0b08f25ed85dff4ff4e6b58327fe5914e5e7fb2356ee67754b102434f22686444a35fc38c75bcdd6386240a22e0cf62bdc7f227200868da387174b365af2afa7dec378c4ccf22956b134a3ec961fd1ba8d3dc85a7594ab711",
"strategies": [
"jwt",
"local"
],
"path": "/authentication",
"service": "users",
"jwt": {
"header": {
"typ": "access"
},
"audience": "https://yourdomain.com",
"subject": "anonymous",
"issuer": "feathers",
"algorithm": "HS256",
"expiresIn": "1d"
},
"local": {
"entity": "user",
"usernameField": "email",
"passwordField": "password"
}
},
...
Thankful for all replies!

In order to get an accessToken you will typically need to authenticate with a strategy using email/password or oauth. This will return an accessToken which you can then use for jwt authentication.
An alternative approach would be to use a custom authentication strategy which would allow you to have a shared secret that both servers could use to communicate with each other.

Thank you #mchaffe! I managed to solve it with your help. Here is the code used:
import dotenv from 'dotenv';
// Load environments
const config = dotenv.config()
if (config.error) throw config.error
const io = require('socket.io-client');
const feathers = require('#feathersjs/client');
const localStorage = require('localstorage-memory');
const client = feathers();
const socket = io('http://localhost:3030/', {
transports: ['websocket'],
forceNew: true
});
client.configure(feathers.socketio(socket), {
timeout: 10000
});
client.configure(feathers.authentication({
jwtStrategy: 'jwt',
storage: localStorage,
storageKey: 'some-token'
}));
const payload = {
strategy: 'local',
email: process.env.FEATHERS_AUTHENTICATION_EMAIL,
password: process.env.FEATHERS_AUTHENTICATION_PASSWORD
};
client.authenticate(payload).then((response: any) => {
// Do stuff to hooray here
console.log('Access Token: ' + response.accessToken);
// Works!
socket.emit('get', 'logger', 1, (error: any, log: any) => {
console.log('Found log: ' + JSON.stringify(log));
});
}).catch((e: any) => {
console.log('Error: ' + e);
});
I am all ears if you have suggestion on improvements! :) It seems I can access data from the database using the socket.emit method. Do I need to verify the accessToken returned? Thanks again!

Related

how to use local swagger.json, istead of giving api controllers

I am new to swagger. I am creating an express-nodejs-typescript, rest api project. I have configured swagger and it is working fine, please see my code below.
import swaggerUi from "swagger-ui-express";
import swaggerJsdoc from 'swagger-jsdoc'
const app = express()
const swaggerOptions: swaggerJsdoc.Options = {
definition: {
openapi: "3.0.0",
info: {
title: "REST API Docs",
version: '1.0',
},
components: {
securitySchemas: {
bearerAuth: {
type: "http",
scheme: "bearer",
bearerFormat: "JWT",
},
},
},
security: [
{
bearerAuth: [],
},
],
},
apis: ['src/apis/**/*.controller.ts', 'src/schemas/*.schema.ts'],
};
const swaggerDocs = swaggerJsdoc(swaggerOptions);
app.use(
"/docs",
swaggerUi.serve,
swaggerUi.setup(swaggerDocs, { explorer: true })
);
What i want is to use local swagger.json file, instead on giving apis array apis: ['src/apis/**/*.controller.ts', 'src/schemas/*.schema.ts'],
How can I do that, please help.
something like this should work:
const app = express();
const swaggerUi = require('swagger-ui-express');
try {
const swaggerDoc = require('./your/doc/swagger.json');
app.use('/doc', swaggerUi.serve, swaggerUi.setup(swaggerDoc));
} catch (error) {
console.error('Error loading Swagger json: ', error);
}
app.listen(3000, '0.0.0.0', () => {
console.log(`šŸš€ Server started: http://localhost:3000/doc`);
});

How to resolve 'system:error:invalid-token' In Nexmo Vonage SDK changing to a new app in the same account

I am using "#vonage/server-sdk": "2.10.7-beta-2" package on server to create users in Vonage.
To create the user, I used this API
const Vonage = require('#vonage/server-sdk');
const v = new Vonage({
apiKey: config.voipConfig.key,
apiSecret: config.voipConfig.secret,
applicationId: config.voipConfig.appId,
privateKey: config.voipConfig.privateKeyPath
};
v.users.create({
"name": payload.username,
"display_name": payload.displayName
}, (error: any, result: any) => {
});
Everything was working fine. But when I created a new application in vonage account and used new configs, it started to throw the following error
{
description: 'You did not provide a valid token. Please provide a valid token.',
code: 'system:error:invalid-token'
}
I have checked the details multiple times and not sure what is wrong.
The new credentials are from completely new account.
Any help would be much appreciated.
Looks like you are using the Vonage Conversations API to create a user. In good practice, we usually use dotenv to store our .env variables. If you are using a public github repo, remember to add *.env to your .gitignore.
npm install dotenv
// .env
API_KEY=
API_SECRET=
APPLICATION_ID=
APPLICATION_PRIVATE_KEY_PATH=
TO_NUMBER=<YOUR CELL NUMBER>
VIRTUAL_NUMBER=<VONAGE VIRTUAL NUMBER>
NGROK_URL=https://<URL>.ngrok.io
For testing purposes. Can you make an outbound call with the snippet below? That'll test your credentials.
Make sure to store the private.key in same directory as .env and outbound-call.js
// outbound-call.js
require("dotenv").config();
const API_KEY = process.env.API_KEY;
const API_SECRET = process.env.API_SECRET;
const APPLICATION_ID = process.env.APPLICATION_ID;
const APPLICATION_PRIVATE_KEY_PATH = process.env.APPLICATION_PRIVATE_KEY_PATH;
const TO_NUMBER = process.env.TO_NUMBER;
const VIRTUAL_NUMBER = process.env.VIRTUAL_NUMBER;
if (!API_KEY || !API_SECRET) {
console.log("šŸ”„ API_KEY or API_SECRET missing");
process.exit(1);
}
if (!APPLICATION_ID || !APPLICATION_PRIVATE_KEY_PATH) {
console.log("šŸ”„ APPLICATION_ID or APPLICATION_PRIVATE_KEY_PATH missing");
process.exit(1);
}
if (!TO_NUMBER || !VIRTUAL_NUMBER) {
console.log("šŸ”„ TO_NUMBER or VIRTUAL_NUMBER missing");
process.exit(1);
}
const Vonage = require("#vonage/server-sdk");
const vonage = new Vonage({
apiKey: API_KEY,
apiSecret: API_SECRET,
applicationId: APPLICATION_ID,
privateKey: APPLICATION_PRIVATE_KEY_PATH,
});
vonage.calls.create({
to: [
{
type: "phone",
number: process.env.TO_NUMBER,
},
],
from: {
type: "phone",
number: process.env.VIRTUAL_NUMBER,
},
ncco: [
{
action: "talk",
text: "This is a text to speech call from Vonage",
},
],
});
To test the Conversations API, you will need to enable Voice for your Vonage Application and set the answer Webhook. I use NGROK as well, so it should look like this. https://<URL>.ngrok.io/webhooks/answer
When working with Conversations API, I usually do:
Create a Conversation
Create a User
Create a Member
and put that into the /webhooks/answer
//server.js
require('dotenv').config();
let express = require('express');
let cookieParser = require('cookie-parser');
let logger = require('morgan');
let app = express();
let port = 5001;
app.use(logger('dev'));
app.use(express.json());
app.use(express.urlencoded({ extended: false }));
app.use(cookieParser());
app.use(express.static('public'));
const NGROK_URL = process.env.NGROK_URL;
const Vonage = require('#vonage/server-sdk');
const vonage = new Vonage({
apiKey: process.env.API_KEY,
apiSecret: process.env.API_SECRET,
applicationId: process.env.APPLICATION_ID,
privateKey: process.env.APPLICATION_PRIVATE_KEY_PATH
});
app.post('/webhooks/answer', async (req, res) => {
console.log('šŸšš answer', req.body);
let result = req.body;
const createCallConversationPromise = (ConvName, ConvDisplayName) => new Promise((resolve, reject) => {
vonage.conversations.create({
"name": ConvName,
"display_name": ConvDisplayName,
}, (error, result) => error ? reject(error) : resolve(result));
});
const createCallUserPromise = (Name, DisplayName) => new Promise((resolve, reject) => {
vonage.users.create({
name: Name,
display_name: DisplayName,
}, (error, result) => error ? reject(error) : resolve(result));
});
const createCallMemberPromise = (ConvId, UserId) => {
vonage.conversations.members.create(ConvId, {
"action": "join",
"user_id": UserId,
"channel": {
"type": "app"
}
}, (error, result) => {
if(error) {
console.log('\nšŸ”„ Error Creating Member', error);
}
else {
console.log('\nāœ… Created Member with ConvId', ConvId, 'and UserId',UserId)
console.log(result);
}
})
};
try {
let ConvName = result.from + result.to + result.conversation_uuid;
console.log('nāœ… ConvName', ConvName);
let ConvDisplayName = result.from + result.to + result.conversation_uuid;
const conversation = await createCallConversationPromise(ConvName, ConvDisplayName);
process.env.CONVERSATION_ID = conversation.id;
console.log('\nāœ… CONVERSATION_ID', process.env.CONVERSATION_ID);
let Name = result.from + result.conversation_uuid;
let DisplayName = result.from;
const callUser = await createCallUserPromise(Name, DisplayName);
console.log('\nāœ… UserId', callUser.id)
let ConvId = conversation.id;
let UserId = callUser.id;
const memberUser = await createCallMemberPromise(ConvId, UserId);
let ncco = [
{
action: "talk",
text: "<speak><lang xml:lang='en-GB'>Welcome to Vonage Development inbound call testing</lang></speak>",
voiceName: "Emma"
},
];
res.json(ncco);
} catch (error) {
console.log("šŸ”„ Error", error);
let ncco = [
{
"action": "talk",
"text": "<speak><lang xml:lang='en-GB'>Error on Process Answer</lang></speak>",
"voiceName": "Emma"
}
];
res.json(ncco);
}
});

NodeJS + Google Login + Firebase Functions results in decoding firebase session cookie failed

I require a Google Sign-In for a Firebase application, to get this done I used multiple sources:
auth-sessions provides a good out of the box example with NodeJS + Firebase + Google Login.
manage firebase session provides a sample NodeJS functions (not entire working solution) to work with Firebase Functions.
The problem:
When attempting to sign in into a Google account on production, the following error occurs when executing the code authenticate function below:
admin
.auth()
.verifySessionCookie(sessionCookie, true /** checkRevoked */)
.then((decodedClaims) => {
log("Decode success");
// inbetween checks
log("Successfully decoded and authenticated");
next();
})
.catch((error) => {
log("Error authenticating"); < ---- THIS IS THE PROBLEM
...
});
This error ONLY occurs when on production i.e. deployed to Firebase. When testing locally using firebase emulators emulating hosting and functions only (auth, firestore, database, etc are all production), login is successful. When deploying, the login fails with the error below.
Error:
Decoding Firebase session cookie failed. Make sure you passed the entire string JWT which represents a session cookie. See https://firebase.google.com/docs/auth/admin/manage-cookies for details on how to retrieve a session cookie.
More Details:
Below is a high-level overview of steps/actions performed
Steps overview of actions performed
1. Visit any page e.g. /login
2. Click sign in with Google, execute the popup provider (see [here][3])
2.
1. Sign in with Google account
2. Send token to firebase functions for verification i.e. `POST /sessionLogin`
3. Receive response (assume 200 OK)
4. Redirect to authenticated URL
The error is on the last step i.e. 4
This error occurs after successfully creating a session using the sample /sessionLogin code found here on firebase's site:
const auth = admin.auth();
auth.verifyIdToken(idToken).then(value => {
debug("Token verified")
return auth.createSessionCookie(idToken, {expiresIn})
.then((sessionCookie) => {
// Set cookie policy for session cookie.
const options = {maxAge: expiresIn, httpOnly: true, secure: true};
res.cookie('session', sessionCookie, options);
// res.json(JSON.stringify({status: 'success'}));
res.status(200).send("OK");
}).catch((error) => {
debug(error);
res.status(401).send('UNAUTHORIZED REQUEST!');
});
}).catch(reason => {
debug("Unable to verify token");
debug(reason);
res.status(401).send('INVALID TOKEN!');
});
The logs respond with a Token verified and a status 200 is sent to the client.
The client then redirects to an authenticated URL /user/dashboard which performs the authenticate check (see below) which fails and redirects back to /login:
const authenticate = (req, res, next) => {
log("Authenticating");
// source: https://firebase.google.com/docs/auth/admin/manage-cookies#verify_session_cookie_and_check_permissions
const sessionCookie = req.cookies.session || '';
// Verify the session cookie. In this case an additional check is added to detect
// if the user's Firebase session was revoked, user deleted/disabled, etc.
return admin
.auth()
.verifySessionCookie(sessionCookie, true /** checkRevoked */)
.then((decodedClaims) => {
log("Decode success");
// inbetween checks
log("Successfully decoded and authenticated");
next();
})
.catch((error) => {
log("Error authenticating");
if(error.errorInfo && error.errorInfo.code && error.errorInfo.code === "auth/argument-error") {
debug(error.errorInfo.message);
res.redirect('/user/login');
return;
}
debug(error);
// Session cookie is unavailable or invalid. Force user to login.
req.flash("message", [{
status: false,
message: "Invalid session, please login again!"
}])
res.redirect('/user/login');
});
};
which is middleware for the express app:
admin.initializeApp({
credential: admin.credential.cert(serviceAccount),
databaseURL: "https://my-company-default-rtdb.firebaseio.com",
storageBucket: "gs://my-company.appspot.com"
});
const app = express();
app.use(cors({origin: true}));
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({extended: true}));
app.use(morgan('dev'));
app.use(cookieParser('0000-0000-0000-0000-0000'))
app.set('trust proxy', 1) // trust first proxy
// Attach CSRF token on each request.
app.use(attachCsrfToken('/', 'csrfToken', (Math.random()* 100000000000000000).toString()));
app.use(session({
secret: '0000-0000-0000-0000-0000',
resave: false,
name: '__session',
store: new FirebaseStore({
database: admin.database()
}),
}));
app.use(flash());
app.use(authenticate);
// routes
exports.app = functions.https.onRequest(app);
Execution Logs:
1:12:02.796 PM app Function execution started
1:12:02.910 PM app Authenticating
1:12:02.910 PM app Attempting to verify session cooking
1:12:02.910 PM app Cookies: {}
1:12:02.911 PM app Error authenticating
1:47:41.905 PM app auth/argument-error
1:12:02.911 PM [app] Decoding Firebase session cookie failed. Make sure you passed the entire string JWT which represents a session
cookie. See https://firebase.google.com/docs/auth/admin/manage-cookies
for details on how to retrieve a session cookie.
1:12:02.937 PM [app] Function execution took 141 ms, finished with status code: 302
Update
Call to backend for auth:
const postIdTokenToSessionLogin = (idToken, csrfToken) => {
return axios({
url: "/user/sessionLogin",
method: "POST",
data: {
idToken: idToken,
csrfToken: csrfToken,
},
}).then(value => {
console.log(value);
if(value.status === 200) {
window.location.assign("/user/dashboard");
}
}).catch(reason => {
console.error(reason);
alert("Failed to login");
});
}
Client side call:
var provider = new firebase.auth.GoogleAuthProvider();
firebase.auth()
.signInWithPopup(provider)
.then(async value => {
firebase.auth().currentUser.getIdToken().then(idToken => {
// const idToken = value.credential.idToken;
const csrfToken = getCookie('_csrf');
return postIdTokenToSessionLogin(idToken, csrfToken);
}).catch(reason => {
console.error("Failed to get current user token");
alert(reason.message);
});
})/*.then(value => {
window.location.assign("/user/dashboard")
})*/.catch((error) => {
console.error("Failed to sign in with Google");
alert(error.message);
});
Update 2:
Updated client-side axios request with the following, also added extra req.cookies logging
return axios({
url: "/user/sessionLogin",
method: "POST",
withCredentials: true,
data: {
idToken: idToken,
csrfToken: csrfToken,
},
})
Extra logging:
4:43:23.493 PM app Function execution started
4:43:23.501 PM app Authenticating
4:43:23.501 PM app Creating session
4:43:23.502 PM app /sessionLogin Cookies: {"csrfToken":"19888568527706150","session":"eyJhbGciOiJSUzI1NiIsImtpZCI6InRCME0yQSJ9.eyJpc3MiOiJodHRwczovL3Nlc3Npb24uZmlyZWJ..."}
4:43:23.503 PM app Token verified
4:43:23.503 PM app {"name":redacted ,"picture":"","iss":"","aud":"",...}
4:43:23.503 PM app ==============
4:43:23.503 PM app /sessionLogin#verifyIdToken Cookies: {"csrfToken":"19888568527706150","session":"eyJhbGciOiJSUzI1NiIsImtpZCI6InRCME0yQSJ9.eyJpc3MiOiJodHRwczovL3Nlc3Npb24uZmlyZWJ..."}
4:43:23.634 PM app /sessionLogin#createSessionCookie Cookies: {"csrfToken":"19888568527706150","session":"eyJhbGciOiJSUzI1NiIsImtpZCI6InRCME0yQSJ9.eyJpc3MiOiJodHRwczovL3Nlc3N..."}
4:43:23.634 PM app Cookie:
4:43:23.634 PM app "eyJhbGciOiJSUzI1NiIsImtpZCI6InRCME0yQSJ9.eyJpc3MiOiJodHRwczovL3Nlc3Npb24uZmlyZWJhc2UuZ29vZ..."
4:43:23.634 PM app ==============
4:43:23.643 PM app [0mPOST /user/sessionLogin [32m200[0m 139.036 ms - 2[0m
4:43:23.643 PM app Function execution took 150 ms, finished with status code: 200
4:43:24.131 PM app Function execution started
4:43:24.153 PM app Authenticating
4:43:24.153 PM app Attempting to verify session cooking
4:43:24.153 PM app Cookies: {}
Update 3
Rewrites enabled API & NodeJS access exactly as shown in firebase.json:
{
"database": {
"rules": "database.rules.json"
},
"firestore": {
"rules": "firestore.rules",
"indexes": "firestore.indexes.json"
},
"hosting": {
"site": "my-company-admin-portal",
"public": "public",
"rewrites": [
{
"source": "/api/**",
"function": "api"
},
{
"source": "**",
"function": "app"
}
],
"ignore": [
"firebase.json",
"**/.*",
"**/node_modules/**"
]
},
"storage": {
"rules": "storage.rules"
},
"emulators": {
"auth": {
"port": 9099
},
"functions": {
"port": 5001
},
"database": {
"port": 9000
},
"hosting": {
"port": 5000
},
"storage": {
"port": 9199
},
"ui": {
"enabled": true
}
}
}
sessionCookie is undefined as in the code provided in the question.
// Authenticate middleware right now
const authenticate = (req, res, next) => {
log("Authenticating");
// No sessionCookie declared
return admin
.auth()
.verifySessionCookie(sessionCookie, true /** checkRevoked */)
// undefined passed here ^^^
}
You must pass the cookie that you set after using createSessionCookie in verifySessionCookie method as shown below:
// updated authenticate middleware
const authenticate = async (req, res, next) => {
try {
log("Authenticating");
// Read the value of cookie here
const sessionCookie = req.cookies.session
// Return unauthorized error if cookie is absent
if (!sessionCookie) return res.sendStatus(401)
const decodedClaims = await admin.auth().verifySessionCookie(sessionCookie, true)
// cookie verified, continue
} catch (e) {
console.log(e)
return res.send("An error occurred")
}
}
I suggest you to check this post in which they have a similar issue.
In summary, if you check the quickstart-nodejs repository you have to add the cookie-parser and body-parser. Here is the example that they provide in the post:
const admin = require("firebase-admin");
const functions = require("firebase-functions");
const next = require("next");
const cors = require("cors");
const express = require("express");
const cookieParser = require("cookie-parser");
const bodyParser = require("body-parser");
const dev = process.env.NODE_ENV !== "production";
const app = next({ dev, conf: { distDir: "next" } });
const handle = app.getRequestHandler();
admin.initializeApp({
credential: admin.credential.cert("Service account key"),
databaseURL: "Path to database"
});
const server = express();
server.use(cors({ origin: true }));
server.use(bodyParser.json());
// Support URL-encoded bodies.
server.use(bodyParser.urlencoded({
extended: true
}));
// Support cookie manipulation.
server.use(cookieParser());
// Attach CSRF token on each request.
server.use(attachCsrfToken('/', 'csrfToken', (Math.random()* 100000000000000000).toString()));
function attachCsrfToken(url, cookie, value) {
return function(req, res, next) {
if (req.url === url) {
res.cookie(cookie, value);
}
next();
}
}
server.post("/login", (req, res) => {
if (req.body && req.body.idToken) {
const idToken = `${req.body.idToken}`;
const expiresIn = 60 * 60 * 24 * 5 * 1000;
admin.auth().createSessionCookie(idToken, { expiresIn }).then((sessionCookie) => {
const options = { maxAge: expiresIn, httpOnly: true, secure: true };
res.cookie("session", sessionCookie, options);
res.end(JSON.stringify({ sessionCookie }));
}, error => {
res.status(401).send(error);
});
} else {
res.status(401).send("Token empty");
}
});
server.post("/profile", (req, res) => {
if (req.cookies && req.cookies.session) {
const sessionCookie = `${req.cookies.session}`;
admin.auth().verifySessionCookie(
sessionCookie, true /** checkRevoked */).then((decodedClaims) => {
res.end(JSON.stringify({ decodedClaims }));
}).catch(error => {
res.status(401).send(error);
});
} else {
res.status(401).send("Session empty");
}
});
exports.next = functions.https.onRequest((req, res) => {
if (req.method === "POST") {
if (!req.path) req.url = `/${request.url}`;
return server(req, res);
}
return app.prepare().then(() => handle(req, res));
});

nuxtjs apollo-client does not set authorization header

I am trying to create a login functionality using nuxtjs with the nuxtjs apollo-module and nodejs in the backend using apollo-server. I would like to pass the token from the frontend (nuxtjs/apollo-client) to the backend (nodejs/apollo-server).
Signin Function (frontend)
async signin () {
const email = this.email
const password = this.password
try {
const res = await this.$apollo.mutate({
mutation: signIn,
variables: {
email,
password
}
}).then(({ data }) => data && data.signIn)
const token = res.token
await this.$apolloHelpers.onLogin(token)
this.$router.push('/feed')
} catch (err) {
// Error message
}
}
nuxtjs.config (frontend)
apollo: {
clientConfigs: {
default: {
httpEndpoint: 'http://localhost:8000/graphql',
wsEndpoint: 'ws://localhost:8000/graphql',
authenticationType: 'Bearer',
httpLinkOptions: {
credentials: 'include'
},
}
}
Cookie in Browser DevTools
Index File (backend)
const app = express()
const corsConfig = {
origin: 'http://127.0.0.1:3000',
methods: 'GET,HEAD,PUT,PATCH,POST,DELETE,OPTIONS',
credentials: true
}
app.use(cors(corsConfig))
app.use(morgan('dev'))
const getMe = async req => {
const token = req.headers.authorization // <========
console.log(token) // returns 'Bearer undefined'
if (token) {
try {
return await jwt.verify(token, process.env.SECRET)
} catch (e) {
// Error message
}
}
}
const server = new ApolloServer({
introspection: true,
playground: true,
typeDefs: schema,
resolvers,
context: async ({ req }) => {
if (req) {
const me = await getMe(req)
return {
models,
me,
secret: process.env.SECRET,
loaders: {
user: new DataLoader(keys =>
loaders.user.batchUsers(keys, models),
),
},
}
}
},
})
server.applyMiddleware({
app,
path: '/graphql',
cors: false
})
const httpServer = http.createServer(app)
server.installSubscriptionHandlers(httpServer)
const port = process.env.PORT || 8000
sequelize.sync({ force: true }).then(async () => {
createUsers(new Date())
httpServer.listen({ port }, () => {
console.log(`Apollo Server on http://localhost:${port}/graphql`)
})
})
The token is saved in a cookie called 'apollo-token'. However the Authoriation header in the format 'Bearer token' is not set. According to the apollo-client documentation this should be set automatically (https://github.com/nuxt-community/apollo-module#authenticationtype-string-optional-default-bearer).
What am I missing? I would be very thankful for any kind of help!

how to deploy vuejs/nodejs app in firebase hosting?

My project structure
client part contains vue app and server part contains nodejs. In client side handling api service which is created from server. Created api services inside client folder to get response from server.
here is my structure of client-> services->api.js.
here is client -> services -> api.js code:
import axios from 'axios'
export default() => {
return axios.create({
baseURL: `https://dev-cloudthrifty-com.firebaseapp.com`
// https://dev-cloudthrifty-com.firebaseapp.com/
// http://localhost:8081
})
}
client -> vue.config.js configuration file.
const path = require('path')
module.exports = {
devServer: {
compress: true,
disableHostCheck: true,
},
outputDir: path.resolve(__dirname, '../server/dist'), // build all the assets inside server/dist folder
pluginOptions: {
'style-resources-loader': {
preProcessor: 'scss',
patterns: [path.resolve(__dirname, './src/styles/global.scss')]
}
},
chainWebpack: config => {
if (config.plugins.has('optimize-css')) {
config.plugins.delete('optimize-css')
}
}
}
Here is my firebase configuration: firebase.json
{
"hosting": {
"public": "./server/dist",
"rewrites": [
{
"source": "**",
"destination": "/index.html"
},
{ "source": "**", "function": "app"}
],
"ignore": [
"firebase.json",
"**/.*",
"**/node_modules/**"
],
"headers": [ {
"source": "**/*.#(eot|otf|ttf|ttc|woff|font.css)",
"headers": [ {
"key": "Access-Control-Allow-Origin",
"value": "*"
} ]
}, {
"source": "**/*.#(jpg|jpeg|gif|png)",
"headers": [ {
"key": "Cache-Control",
"value": "max-age=7200"
} ]
}, {
"source": "404.html",
"headers": [ {
"key": "Cache-Control",
"value": "max-age=300"
} ]
} ],
"cleanUrls": true
}
}
Server-> app.js where i'm creating api for front-end
const express = require('express')
const bodyParser = require('body-parser')
const cors = require('cors')
const morgan = require('morgan')
const firebase = require('firebase');
const functions = require('firebase-functions');
const admin = require('firebase-admin');
const axios = require('axios');
const credentials = new Buffer('testing:testing123').toString('base64')
const app = express()
app.use(morgan('combined'))
app.use(bodyParser.json())
app.use(cors())
var Post = require("./models/post");
const firebaseConfig = {
apiKey: "AIzaSyDHDKttdke4WArImpRu1pIU",
authDomain: "dev-cxxxxxy-com.firebaseapp.com",
databaseURL: "https://dev-cxxxx-com.firebaseio.com",
projectId: "dev-clxxxx-com",
storageBucket: "dev-cxxxx-com.appspot.com",
messagingSenderId: "830534343916",
appId: "1:83916:web:e0fd232ebb1"
};
const firebaseApp = admin.initializeApp(firebaseConfig);
var db = firebaseApp.firestore();
app.get('/gcp-scheduler', (req, res) => {
res.send(
[{
title: "Hello World!",
description: "Hi there! How are you?"
}]
)
})
// serve dist folder
if (process.env.NODE_ENV === 'production') {
// Static folder
app.use(express.static(__dirname + '/dist'));
// Handle SPA
app.get('**', (req, res) => res.sendFile(__dirname + '/dist/index.html'));
}
// Add new post
app.post('/list-server', (req, res) => {
var token = req.body.token;
var ccExp = req.body.ccExp;
var cardNumber = req.body.cardNumber;
var currentUserUUID = req.body.currentUserUUID;
var amount = req.body.amount;
console.log(token);
console.log(ccExp);
(async() => {
const paymentRequest = await getAuthTokenForThePayment({
account: cardNumber,
merchid: '496160873888',
amount: amount, // Smallest currency unit. e.g. 100 cents to charge $1.00
expiry: ccExp,
currency: 'USD'
});
const charge = await makeCharge({
merchid: paymentRequest.data.merchid,
retref: paymentRequest.data.retref
});
console.log(charge);
console.log(charge.data.respstat)
if (charge.data.respstat == 'A'){
var data = db.collection('transactionTable').doc(charge.data.retref);
var setAlan = data.set({
'respstat': charge.data.respstat,
'retref': charge.data.retref,
'account': charge.data.account,
'token': charge.data.token,
'batchid': charge.data.batchid,
'amount': charge.data.amount,
'resptext': charge.data.resptext,
'respcode': charge.data.respcode,
'commcard': charge.data.commcard,
'setlstat': charge.data.setlstat,
});
res.send(charge.data.respstat);
} else if(charge.data.respstat == 'B'){
console.log("Declined");
res.send(charge.data.respstat);
}else if(charge.data.respstat == 'C'){
console.log("Retry");
res.send(charge.data.respstat);
}
})();
})
const getAuthTokenForThePayment = async (data) => {
try {
const config = {
headers: {
'Content-Type': 'application/json',
'Authorization': `Basic ${credentials}`
}
};
const URL = 'https://fts.cardconnect.com:6443/cardconnect/rest/auth';
return await axios.put(URL, data, config);
} catch (error) {
throw (error);
}
}
const makeCharge = async (data) => {
try {
const config = {
headers: {
'Content-Type': 'application/json',
'Authorization': `Basic ${credentials}`
}
};
const URL = 'https://fts.cardconnect.com:6443/cardconnect/rest/capture';
return await axios.put(URL, data, config);
} catch (error) {
throw (error);
}
}
// app.listen(process.env.PORT || 8081)
exports.app = functions.https.onRequest(app);
My issue when i click on checkout button in cart view, it should send current user card details with token to the server(app.js) through post api. After receiving card details from front-end, it should call cardconnect charge api functionality which i have implemented in app.js. In browser console current user card details received successfully but while clicking checkout charge api are not called it shows some other which is unrelated to api.
But everything works in localhost. client side localhost url: http://localhost:8080 and server side localhost url: http://localhost8081.
my firebase hosting url: https://dev-xxxx.firebaseapp.com
here is my console output screenshot:
Dont where i am making mistakes in firebase vuejs/nodejs hosting, rewrites path.
it show error in postservice.js file
import Api from '#/services/Api'
export default {
fetchPosts () {
return Api().get('gcp-scheduler')
},
addPost (params) {
return Api().post('list-server', params)
}
}
Any help much appreciated pls..

Resources