Authentication throws are treated as valid reply() #1581
Description
I upgraded to hapi v4.0 from v1.2 and had to make some changes to my authentication strategy due to breaking changes introduced in 2.x.
I believe that because my authenticate() function contains a promise, it finishes executing before the promise is resolved and results in the following error:
Debug: hapi, internal, implementation, error
Error: Authentication response missing both error and credentials
This is my authenticate() function:
Within a Authentication object:
/**
* Authenticate user via token
* @param request
* @param reply
*/
exports.authenticate = function (request, reply) {
var token = getToken(request);
if (token == null) {
return reply(Hapi.boom.unauthorized('Header has to include Authorization key with value Bearer token.'));
} else {
//attempt to get user json object from session store
this.Session.get(token)
.then(function (user) {
//successful authentication, renew key, return user json
return reply(null, {credentials: user});
}, function (err) {
return reply(Hapi.boom.unauthorized('Session does not exist for token: ' + token));
});
}
};
And wiring it up:
server.auth.scheme('tokenScheme', function (server, options) {
return Authentication;
});
server.auth.strategy('token', 'tokenScheme');
Everything was working fine in v1.2. Can someone please tell me what I'm doing wrong?
Thanks,
Shaun