ember.jsember-simple-auth

A token request using ember-simple-auth-token won't include the identification field


A have an Ember (v2.12.0-beta.1) app that uses ember-simple-auth-token to request a JWT.

The important part happens in the login controller.

export default Ember.Controller.extend({
    session: Ember.inject.service(),

    // Properties
    username: 'user1',
    password: 'password123',

    // Actions
    actions: {
        login(username, password) {
            console.log('Attempting login...');

            let creds = this.getProperties('username', 'password');
            let authenticator = 'authenticator:jwt';

            this.get('session').authenticate(authenticator, creds).then(function() {
                console.log('LOGIN SUCCESS')
            }, function() {
                console.log('LOGIN FAIL')
            });
        }
    }
});

When submitting the form, there is a request that is being made by the browser and my backend receives it.

The problem is that only the password is included in the request. The body of the request has the form {"password":"password123"}, but it should look like {"username":"user1","password":"password123"}. Of course, the login attempt fails and LOGIN FAIL is printed.

Why is the username not included in the token request?

I tried using earlier versions of ember-simple-auth-token and ember-simple-auth.

Here is my configuration:

ENV['ember-simple-auth'] = {
    authorizer: 'authorizer:token',
};

ENV['ember-simple-auth-token'] = {
    serverTokenEndpoint: 'http://127.0.0.1:6003/token',
    identificationField: 'username',
    passwordField: 'password',
    tokenPropertyName: 'token',
    authorizationPrefix: 'Bearer ',
    authorizationHeaderName: 'Authorization',
    refreshAccessTokens: false,
};

Solution

  • ember-simple-auth-token expects credentials object passed to authenticate to be in format:

    {
       identification: <username>,
       password: <password>
    }
    

    So your code should look something like this:

    actions: {
        login(username, password) {
            console.log('Attempting login...');
    
            let creds = {
                identification: username,
                password: password
            };
    
            let authenticator = 'authenticator:jwt';
            this.get('session').authenticate(authenticator, creds).then(function() {
                console.log('LOGIN SUCCESS')
            }, function() {
                console.log('LOGIN FAIL')
            });
        }
    }
    

    The request sent in this case is:

    {
        "password":"password123",
        "username":"user1"
    }
    

    There are some pull requests about this issue.