Error in dbAuth Impersonation in Redwood Studio

Get Help and Help Others
1

I’m struggling to get auth impersonation working with Redwood Studio. I created a minimal example on 6.5.1: GitHub - mdkess/test-redwood-studio: Playing with redwood studio authentication impersonation. This is just vanilla RedwoodJS set up with dbAuth.

I created a user (username: asdf, password: asdf, id: 1), and then add to the redwood.toml: https://github.com/mdkess/test-redwood-studio/blob/main/redwood.toml

GraphiQL in the studio sets the header {"auth-provider":"dbAuth","authorization":"Bearer 1","cookie":"session=s+P2Q2I8VHgqkmKl8t7jr9PdxAn5hQFleZnrvhjF433FC1papJeq9jJkyxxDjcA8|EsFGPKsOVTrUCLuijDMYcg=="} but then on the API side it can’t seem to decode it: "Exception in getAuthenticationContext: Cannot read properties of undefined (reading 'id')".

I feel like I’m probably missing something obvious - any idea what I’m doing wrong?

2

Hi @articulatehat FYI the team is reworking Studio to not be experimental and we’ll revisit user impersonation.

I’ll grab your repo GitHub - mdkess/test-redwood-studio: Playing with redwood studio authentication impersonation and have a try to see if I can reproduce and get back to you with what I find.

Thanks.

3

Thanks! The reproduction is pretty straightforward: just run the server, go to http://localhost:8910/signup to create a user, run the studio, and try to call a protected route on the posts endpoint.

From a setup point of view, it was just:

  1. Create a new project
  2. Set up dbAuth
  3. Create a protected model/SDL route.
  4. Register a new user.
  5. Set up redwood.toml for the studio with an impersonated user.
  6. Try to use the studio to query the protected route.