Comments (11)
icebob
commented on May 27, 2024
Thanks, I'm fixing.
from moleculer-web.
icebob
commented on May 27, 2024
Could you show relevant parts of your code? I can't reproduce it. For me, no unhandled rejection, the error goes back to the caller properly.
Custom alias:
aliases: {
"POST users": "users.create",
"health": "$node.health",
"custom"(req, res) {
res.writeHead(201);
res.end();
}
},with this authorize: https://github.com/moleculerjs/moleculer-web/blob/master/examples/full/index.js#L299
from moleculer-web.
theRichu
commented on May 27, 2024
Not in alias,
rejection in authorize method,
I called action to service via broker
You may reproduce this way,
const {
UnAuthorizedError
} = ApiGateway.Errors
authorize (ctx, route, req, res) {
if (req.needAuth !== 'required') {
return ctx
}
let token
if (req.headers.authorization) {
let type = req.headers.authorization.split(' ')[0]
if (type === 'Token') {
token = req.headers.authorization.split(' ')[1]
}
}
if (req.needAuth === 'required' && !token) {
return Promise.reject(new UnAuthorizedError(ERR_NO_TOKEN))
}
// Verify JWT token
return ctx.call('users.resolveToken', {
token
})
.then(user => {
return Promise.reject(new UnAuthorizedError(ERR_NO_TOKEN))
})
}
and request any route.
and get
Unhandled rejection TokenExpiredError: jwt expired
from moleculer-web.
icebob
commented on May 27, 2024
By the error message, I think the problem is not in authorize, but in users.resolveToken. Could you show the source of this action?
from moleculer-web.
theRichu
commented on May 27, 2024
resolveToken: {
cache: {
keys: ['token'],
ttl: 60 * 60 // 1 hour
},
params: {
token: 'string'
},
handler (ctx) {
return new this.Promise((resolve, reject) => {
jwt.verify(ctx.params.token, this.settings.JWT_SECRET, (err, decoded) => {
if (err) {
return reject(err)
}
resolve(decoded)
})
}).then(decoded => {
if (decoded.user) {
return User.findOne({
where: {
id: decoded.user
}
}).then(user => {
return user.dataValues
})
}
})
}
},
This is my resolveToken code
from moleculer-web.
theRichu
commented on May 27, 2024
I know the error message is from jwtwebtoken package,
the problem is I can't handle the rejection error anywhere.
So, request are just pending when token is expired or invalid.
I just want to response error code and message.
from moleculer-web.
icebob
commented on May 27, 2024
The return reject(err) is called when the token is expired or invalid?
from moleculer-web.
theRichu
commented on May 27, 2024
Yes,
from moleculer-web.
icebob
commented on May 27, 2024
I tried it but no unhandled rejection. Could you create a small repro repo?
from moleculer-web.
theRichu
commented on May 27, 2024
https://github.com/theRichu/moleculer-web-unhandled
check this repo please
from moleculer-web.
icebob
commented on May 27, 2024
Thanks. The unhandled issue is fixed in the master branch. You can update & test it with npm i moleculerjs/moleculer-web.
By the way, the calling order changed and there is a side effect in your repo. The onBeforeCall & authorize are called before action middlewares. So 'GET /user/me': [auth.required(), 'users.me'] won't work because the authorize called sooner than auth.required().
from moleculer-web.
Related Issues (20)
- Could not handle the request when the request come with files and data in multipart HOT 2
- Sometime the list of REST api is missing some functions HOT 1
- multipartHandler throws unhandled error if payload is too large
- CORS Preflight Issue HOT 2
- Response headers affectation HOT 2
- Missing interface when upload file. HOT 2
- resetTime should accept function
- Undefined `actions` property in `/api/~node/services?withActions=true` causes empty REST API page HOT 1
- Route-level `mergeParams` doesn't exist for auto aliases HOT 1
- Cannot skip route with middleware HOT 1
- Improve routes priorization HOT 1
- RateLimit didn't check if trusted proxy send the header x-forwarded-for HOT 4
- REST shortcut doesn't handle action object correctly
- Typescript error: import { IParseOptions } from 'qs'
- Can we get an official interface for ctx.meta.$ fields available in moleculer-web?
- Routes with autoAliases not considered for started HOT 1
- Allow define action type in auto aliases (rest action param) HOT 2
- What is the benefit of using ctx.meta.$location & ctx.meta.$responseType vs just setting via ctx.meta.$responseHeaders? HOT 4
- update request body value in onBeforeCall hook not working HOT 1
- Transporter cannot connect to a redis server instance in a docker-compose stack
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from moleculer-web.