dbAuth with WebAuthn work great for me by following the steps in the docs:
yarn create redwood-app my-app
cd my-app
add User and UserCredentials models to api/db/prisma.schema (as specified in the link above under “Schema Updates”)
yarn rw prisma migrate dev
yarn rw setup auth dbAuth (‘y’ to add WebAuthn)
yarn rw g dbAuth --webauthn
yarn rw dev
The above works beautifully for dbAuth+WebAuthn. But when I try to create a User scaffold, the whole dbAuth system breaks.
yarn rw g scaffold admin/user
I get the following error: Schema loading failed. Unknown type: "UserCredential"
This error tells me that I need to generate SDL or scaffolding for UserCredential too. But when I try to do this:
yarn rw g scaffold admin/usercredential
or yarn rw g sdl UserCredential
I get the following error: Cannot read properties of undefined (reading 'replace')
The problem I run into with dbAuth at this point is when I logOut of a page, the session appears to clear, but if I refresh the page, the state is not maintained and the user appears to be logged in again (the session doesn’t appear to get cleared). This only happens when I try to create the User scaffolding.
I followed the instructions on troubleshooting generators and commented out the following lines in api/db/prisma.schema:
model User {
...
//credentials UserCredential[]
}
model UserCredential {
...
//userId Int
//user User @relation(fields: [userId], references: [id])
...
}
then re-ran the User scaffolding and dbAuth+WebAuthn work perfectly again! However, if I then uncomment the above prisma.schema lines to create the relationship again and re-run the scaffolding (even with the --force --no-tests flags), dbAuth stops working again. Even though I can get it to work by commenting out the User and UserCredential relationship, I’m pretty sure this relationship is important right?
Can anyone help with how I can create a User scaffold while maintaining the UserCredential to User relationship and have dbAuth+WebAuthn work properly?
I’m guessing something is going on with the attempt to stringify the object passed to transformValue, which would explain the Cannot read properties of undefined (reading 'replace') part of the error.
Haven’t looked too deeply into the internals of sdl generation…yet.
Would be nice if someone who’s familiar w/ this part of the codebase would comment on why this might be happening.
Huh, not sure about the test file generation error…but yes, the User → UserCredential relationship is important! That’s how WebAuthn ties a user’s biometric data (like FaceID) to the User in the database. Also not sure why having that relationship would mean that you can’t log out…this is the first I’ve heard of that issue.
I would start with looking at the network request to the /functions/auth endpoint when you click Logout and inspect the header response. You should see the Set-Cookie header setting session=; (removing that cookie):
If you don’t see that coming back, or it’s coming back with a big huge random string, then the session is still valid for some reason and not really logging you out. But that would give us a place to start troubleshooting.
Also, we did a huge refactoring of the auth code a couple of versions ago, which may have addressed any/all of these issues. What version of Redwood are you on currently?
Just ran into this myself for the second time or so.
For anyone running into this again, check your GraphQL users schema for presence of credentials: [UserCredentials!] , that needs to be removed. It’s added because it blindly assumes that if it’s in the schema, you’ll gen the SDL for it, but UserCredentials is private, and so doesn’t get an SDL type generated.
This is a case where it would be nice to have skip/diff/merge options in the generators. In fact that would be quite an upgrade to have the ability to merge generated changes into an existing file with custom changes… just sayin
