Feathers Authentication via POST works but socket doesn't

Question

Here is a repo showing my latest progress, and here is my configuration. As it stands that repo now doesn't even authenticate with REST - although I think something is wrong with socket auth that needs to be looked at.

---

I configured feathers, was able to create a user REST-fully with Postman, and even get an auth token (I can post to /authenticate to get a token, and then verify that token - yay postman! yay REST api!).

But in the browser the story ain't so happy. I can use find to get data back, but authenticate just gives me errors.

In my googling I found this post and updated my client javascript to be this. I have also tried doing jwt auth with the token from postman, but that gives the same Missing Credentials error. Halp!

Code incoming...

---

app.js (only the configuration part to show order)

app.configure(configuration(path.join(__dirname, '..')))
  .use(cors())
  .use(helmet()) // best security practices
  .use(compress())
  .use(favicon(path.join(app.get('public'), 'favicon.ico')))
  .use('/', feathers.static(app.get('public')))
  .configure(socketio())
  .configure(rest())
  .configure(hooks())
  .use(bodyParser.json())
  .use(bodyParser.urlencoded({ extended: true }))
  .configure(services) // pull in all services from services/index.js
  .configure(middleware) // middleware from middleware/index.js
  .hooks(appHooks)

Within services, I first add authentication, which is in its own file and that looks like this authentication.js

const authentication = require('feathers-authentication');
const jwt = require('feathers-authentication-jwt');
const local = require('feathers-authentication-local');
const authManagement = require('feathers-authentication-management');

module.exports = function () {

  const app = this;
  const config = app.get('authentication');

  // Set up authentication with the secret
  app.configure(authentication(config));
  app.configure(authManagement(config));
  app.configure(jwt());
  app.configure(local(config.local));

  // The `authentication` service is used to create a JWT.
  // The before `create` hook registers strategies that can be used
  // to create a new valid JWT (e.g. local or oauth2)
  app.service('authentication').hooks({
    before: {
      create: [
        authentication.hooks.authenticate(config.strategies)
      ],
      remove: [
        authentication.hooks.authenticate('jwt')
      ]
    }
  });

};

index.html (mostly stripped, just showing relevant script)

let url = location.protocol + '//' + location.hostname + 
    (location.port
      ? ':' + location.port
      : '');

const socket = io(url);

const feathersClient = feathers()
  .configure(feathers.socketio(socket))
  .configure(feathers.hooks())
  .configure(feathers.authentication({ storage: window.localStorage }));

Here's a screen shot showing some requests in chrome debugger and postman.

Answer 1

When default.json is set to use 'username' as the usernameField it outputs my Windows username, 'Matt'. This is because feathers-configuration checks to see if a value is a part of the OS environment.

https://github.com/feathersjs/feathers-configuration/blob/master/src/index.js#L26

Workaround

Manually set this configuration in authentication.js, for example:

  // Set up authentication with the secret
  const localConfig = {
    'entity': 'users',
    'service': 'users',
    'usernameField': 'username',
    'passwordField': 'password'
  }; 

  app.configure(authentication(config));
  app.configure(local(localConfig));