Vapor jwt signer call to unverified function, gives error no exact match in call to instance method

I have implemented jwt tokens on my site without using sessions. When I take a route that is having my jwtbearerauthenticator it does the authenticatte but I saw that req.auth.require is throwing.
So my thought is that since jwt is sessionless I am supposed to unencrypt the token and then get the user again and do req.auth.login again. Is this correct? This is why I am making the call to unverified. Here's some code.

func me(req: Request) throws -> EventLoopFuture<Me> {
    print("entered me")
    
    let signer = JWTSigners()
    let token = req.headers["Authorization"]
    let jwtPayload = signer.get(kid: .private)?.unverified(token, as: JWTPayload.Protocol)
    
    let user = try req.auth.require(User.self)
    let userName = user.userName
    print("entered \(userName)")
    return User.query(on: req.db)
        .filter(\.$userName == userName)
        .first()
        .unwrap(or: Abort(.notFound))
        .map { usr in
            print("sending me \(usr.userName)")
            return Me(id: user.id, userName: usr.userName)
        }
    
    
    throw Abort(.unauthorized)
}

func boot(routes: RoutesBuilder) throws {
    let users = routes.grouped("users")
    
    users.group("register") { usr in
        usr.post(use: register)
    }
    
    users.group("login") { usr in
        print("entered login group")
        usr.post(use: login)
    }
    
    users
        .grouped(JWTBearerAuthenticator())
        .grouped(User.guardMiddleware())
        .group("me") { usr in
            usr.get(use: me)
        }
}

hi @jsoneaday consider posting in https://forums.swift.org/c/related-projects/vapor which is more focused on vapor

I figured everything out, but it was so complicated I made a video on it. This is an end to end setup with Vapor server and SwiftUI client.

... :roll_eyes:

Terms of Service

Privacy Policy

Cookie Policy