When attempting to allow authentication mode try
in hapi, hapi-auth-jwt2 version 5.1.1 introduced an issue whereby people could bypass authentication.
[
{
"product": "hapi-auth-jwt2 node module",
"vendor": "HackerOne",
"versions": [
{
"status": "affected",
"version": "5.1.1"
}
]
}
]