When a user has a valid token and tries to login with other credentials the endpoint returns 201.
The reason was if another user logged previously and had a valid token stored in the terminal. We must authenticate any user that tries to log in even if the token stored is valid.
We must check credentials again and return a new token, if the credentials are wrong we reject the login. Furthermore, the new token will update the list of groups.
* feat: add support for jwt on api
* test: add unit test for sign token with jwt
add multiple scenarios with configuration file
* chore: add JWT verification on middleware
* chore: restore headless
* chore: restore middleware header validation
* refactor: fix login whether user exists
* refactor: JWT is signed asynchronously
* refactor: better structure and new naming convention
* test: add unit test for token signature
* test: add unit test for creating user with JWT enabled
#168
* docs: add security section jwt
* refactor: renable web auth middleware
* test(auth): add legacy disabled scenario
* chore: update gitignore
* chore: add some es6 sugar
* feat: enable JWT token signature for new installations
* chore: add yaml files to git
I forgot add this before 😷
* chore: trace log on auth
in case we want more output
