Store.dispatch('auth/authenticate') doesn't detect JWT Expiry
barnacker opened this issue · comments
Steps to reproduce
Simply put a router Navigation Guard code such as:
router.beforeEach((to, from, next) => {
Store.dispatch('auth/authenticate').catch(() => { blablabla somthing etc...
You set a 10s long token and then you change routes after expiry.
I feel this used to work but now I am doubting haha
Expected behavior
It would have ran the code in the catch function...
Actual behavior
Store.dispatch('auth/authenticate') is alway sucessfull even if expired.
System configuration
tested with both:
"feathers-vuex": "^3.12.3",
"feathers-vuex": "^3.15.0",
NodeJS version:
12.14.1
Operating System:
Ubuntu
@barnacker thanks for the issue. That's totally a valid use case. I've never had it implemented and it doesn't seem like something that should be baked in. There are just too many varying requirements for authentication on a per-app basis. I've had to be very selective about what to bake in. However, having this as a recipe in the docs seems like a great idea. I'm going to label it as a documentation issue.
I saw that you used a standard library for JWT and they say it does check that and returns an error by default and I thought maybe you override the default when calling jwt.verify but then I saw you used a parameter so I thought I could maybe activate it but I got lost in the debugger somewhere in the stack around some async code hahaha so... I guess, my question originally was: Can I pass options that you proxy to the JWT library or should I import the library and verify the token myself before even calling Store.dispatch('auth/authenticate') ?
I'll follow your recommendation :)
I recommend importing the jwt-decode package and manually checking.