diff --git a/client/coral-framework/actions/auth.js b/client/coral-framework/actions/auth.js
index 2f0a2dc0f..f0827ca73 100644
--- a/client/coral-framework/actions/auth.js
+++ b/client/coral-framework/actions/auth.js
@@ -112,10 +112,8 @@ const signInFailure = (error) => ({
 //==============================================================================
 export const handleAuthToken = (token) => (dispatch) => {
- if (!browser || browser.name !== 'Safari') {
- Storage.setItem('exp', jwtDecode(token).exp);
- Storage.setItem('token', token);
- }
+ Storage.setItem('exp', jwtDecode(token).exp);
+ Storage.setItem('token', token);
 dispatch({type: 'HANDLE_AUTH_TOKEN'});
 };
@@ -129,7 +127,9 @@ export const fetchSignIn = (formData) => {
 return coralApi('/auth/local', {method: 'POST', body: formData})
 .then(({token}) => {
- dispatch(handleAuthToken(token));
+ if (!browser || browser.name !== 'Safari') {
+ dispatch(handleAuthToken(token));
+ }
 dispatch(hideSignInDialog());
 })
 .catch((error) => {
diff --git a/routes/api/auth/index.js b/routes/api/auth/index.js
index e0e39adf9..c5c2e3dfb 100644
--- a/routes/api/auth/index.js
+++ b/routes/api/auth/index.js
@@ -8,7 +8,7 @@ const router = express.Router();
 * This returns the user if they are logged in.
 */
 router.get('/', (req, res, next) => {
-
+ console.log('is there req user>', req.user);
 if (req.user) {
 return next();
 }
diff --git a/services/passport.js b/services/passport.js
index 4b1c10158..07a98f789 100644
--- a/services/passport.js
+++ b/services/passport.js
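Review bot: In `client/coral-framework/actions/auth.js`, moving the Safari guard out of `handleAuthToken` and into the `.then` of `fetchSignIn` changes two behaviours the commit does not explain: on Safari the `HANDLE_AUTH_TOKEN` action is no longer dispatched after a local sign-in, and any other caller of `handleAuthToken` now writes the token to `Storage` on Safari as well. If only the storage writes are meant to be skipped, keeping the guard inside `handleAuthToken` around the two `Storage.setItem` calls preserves the dispatch for every caller. Either way, a comment on the guard such as `// Safari: token is not kept in Storage; auth falls back to the cookie read in services/passport.js` would record why the browser is special-cased (the cookie path is inferred from the passport hunk, so confirm before adding). The body of `fetchSignIn` extends beyond the hunk.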
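Review bot: The added `console.log('is there req user>', req.user);` in the `router.get('/')` handler of `routes/api/auth/index.js` writes the whole authenticated user object to the server log on every request to this endpoint. Depending on what the user model carries (not visible here), that can put e-mail addresses, profile data or credential hashes into log storage that usually has looser access control than the database. It reads like leftover debugging and should be dropped before merge; if a trace is wanted, log only a non-sensitive identifier such as `req.user && req.user.id` through the project's logger. The handler continues past the end of the hunk.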
@@ -174,7 +174,37 @@ const ExtractJwt = require('passport-jwt').ExtractJwt;
 passport.use(new JwtStrategy({
 // Prepare the extractor from the header.
- jwtFromRequest: ExtractJwt.fromAuthHeaderWithScheme('Bearer'),
+ jwtFromRequest: (req, res) => {
+
+ const browser = bowser._detect(req.headers['user-agent']);
+
+ if (browser.name === 'Safari') {
+ const lookup = (i) => {
+ switch (i) {
+ case 0: return 'header';
+ case 1: return 'cookie';
+ case 2: return 'query';
+ }
+ }
+
+ // Adding custom extractor
+ const authorizations = [
+ req.headers.authorization,
+ req.cookies.authorization,
+ req.query.authorization
+ ];
+
+ let i = authorizations.findIndex((source) => source !== null && typeof source != 'undefined' && source.length > 0);
+
+ if (i >= 0) {
+ let authorization = authorizations[i];
+ let source = lookup(i);
+ return authorization;
+ }
+ } else {
+ return ExtractJwt.fromAuthHeaderWithScheme('Bearer')(req)
+ }
+},
 // Use the secret passed in which is loaded from the environment. This can be
 // a certificate (loaded) or a HMAC key.
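Review bot: The Safari branch of `jwtFromRequest` is selected by the client-supplied `User-Agent` header, so any client can opt into the cookie and query-string token sources, and they should be reviewed as if they were always enabled. In that branch the raw `Authorization` header is returned without stripping a scheme (if Safari clients send `Bearer <token>` like the others, verification will fail), `req.cookies` is dereferenced without checking that a cookie parser ran, and a token passed as `req.query.authorization` ends up in access logs, browser history and Referer headers. Accepting the token from a cookie also means state-changing routes need CSRF protection, which this hunk does not show. `lookup` and `source` are computed but never used, and `bowser._detect` looks like a private API that is called with `undefined` when the header is absent. The sketch below composes the extractors without browser sniffing and leaves out the query-string source; the cookie name is the one used in the hunk.

```javascript
  // Prepare the extractor from the header.
  jwtFromRequest: ExtractJwt.fromExtractors([
    ExtractJwt.fromAuthHeaderWithScheme('Bearer'),

    // Cookie fallback for clients that cannot keep the token in Storage.
    // Requests authenticated this way need CSRF protection on
    // state-changing routes.
    (req) => (req.cookies && req.cookies.authorization) || null,
  ]),

  // … unchanged: secret and remaining strategy options …
```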