redwoodjs/learn.redwoodjs.com

tutorial:authentication requireAuth without roles cause an error

Closed this issue · 6 comments

Hi,

I followed the tutorial, which is very good. Thanks for your work, Redwood is awesome and I will continue to use it for a long time.

If we follow the tutorial we will have an error when we want to create a post at the Deployment section, because we don't pass the roles to requireAuth.

```js
export const createPost = ({ input }) => {
  requireAuth() // we don't pass any roles to require
  return db.post.create({
    data: input,
  })
}
```

Which will cause an error on the API:

```
api | ERROR [2021-12-10 13:02:34.337 +0000] (graphql-server): Cannot destructure property 'roles' of 'undefined' as it is undefined.
api |     error: {
api |       "message": "Cannot destructure property 'roles' of 'undefined' as it is undefined.",
api |       "locations": [
api |         {
api |           "line": 2,
api |           "column": 3
api |         }
api |       ],
api |       "path": [
api |         "createPost"
api |       ]
api |     }
```

To avoid the problem I have to add an admin role to my user on Netlify / Identity and set the first param of requireAuth to currentUser by default.

```js
export const requireAuth = ({ roles } = context.currentUser) => {
  if (!isAuthenticated()) {
    throw new AuthenticationError("You don't have permission to do that.")
  }

  if (!hasRole({ roles })) {
    throw new ForbiddenError("You don't have access to do that.")
  }
}
```
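An added example, not part of the original issue and not Redwood's own code: it compares the three `requireAuth` signatures discussed above, including a variant that defaults the argument to `{}` and checks roles only when the caller names some. `context`, `hasRole`, `isAuthenticated`, the error classes and the `outcome` helper are simplified stand-ins assumed for this sketch, and the user objects are constructed.

```javascript
// Stand-ins for Redwood's context, errors and helpers (assumptions, not library code).
class AuthenticationError extends Error {}
class ForbiddenError extends Error {}
const context = { currentUser: null } // constructed; set per scenario

const isAuthenticated = () => !!context.currentUser

// True when the current user holds at least one of the required roles.
const hasRole = ({ roles }) => {
  const held = context.currentUser?.roles ?? []
  return [].concat(roles).some((r) => held.includes(r))
}

const deny = (roles) => {
  if (!isAuthenticated()) throw new AuthenticationError("You don't have permission to do that.")
  if (!hasRole({ roles })) throw new ForbiddenError("You don't have access to do that.")
}

// Signature with no default: requireAuth() destructures undefined and throws a TypeError.
const requireAuthOriginal = ({ roles }) => deny(roles)

// Workaround from the issue: the required roles default to the caller's own roles,
// so the role check compares the user with themselves and passes for any role holder.
const requireAuthWorkaround = ({ roles } = context.currentUser) => deny(roles)

// Hypothetical hardened variant: default to {} and check roles only when requested.
const requireAuth = ({ roles } = {}) => {
  if (!isAuthenticated()) throw new AuthenticationError("You don't have permission to do that.")
  if (roles !== undefined && !hasRole({ roles })) {
    throw new ForbiddenError("You don't have access to do that.")
  }
}

// Runs one guard as the given user and reports 'allowed' or the error class name.
const outcome = (guard, user, arg) => {
  context.currentUser = user
  try {
    guard(arg)
    return 'allowed'
  } catch (e) {
    return e.constructor.name
  }
}

console.log(outcome(requireAuthOriginal, { roles: ['admin'] }))    // no-arg call fails
console.log(outcome(requireAuthWorkaround, { roles: ['editor'] })) // passes without admin
console.log(outcome(requireAuth, null))                            // anonymous is rejected
```

With these stand-ins, the workaround also throws a `TypeError` instead of an `AuthenticationError` for an anonymous caller, because the default value is `null` when nobody is logged in.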

Thanks for the feedback! @cannikin - does this prompt adding something to the tutorial?

I'm updating the tutorial to work with v1.0 right now and will hopefully be ready next week. I'll make sure to get this fix in there!

Dependent on #173

I received the same error regarding roles and thought I made a mistake on my end. Glad to hear that the tutorial is being updated!

> I'm updating the tutorial to work with v1.0 right now and will hopefully be ready next week. I'll make sure to get this fix in there!

Will the tutorial use directives instead?

When we introduce auth and put the admin scaffolds behind login, I'll introduce @requireAuth and @skipAuth but I won't be doing a deep dive. I'll link to the full docs though.