I am trying to send authenticated requests to my api, and I am using dbauth for authentication.
I saw a previous post about sending authenticated requests to the server: Using the GraphQL Playground with authentication - #2 by dthyresson. But I could not make it work with dbauth.
I copied the value in from session in the application-tab in the dev-tools in chrome, when I set the value in playground’s “request headers” so did it not work.
Any idea on how to make it work?
@markymark I was able to reproduce the case where the Cookie header is being stripped in the playground request, such that the request isn’t authenticated correctly. I need to do some investigating but will write up an issue and will follow up there and post back with a solution.
1 Like
@markymark Update: We’re still diagnosing, but seems to be an issue with the GraphQL Playground.
As a workaround, if you use a product like https://paw.cloud to make requests, I have confirmed that setting the headers does let you make authenticated requests:
Here is without the cookie set, and unauthenticated (well, in truth a bad request for dbAuth as the cookie is not sent so the error is a little different):
And with cookie set:
Note: I set the posts
query to @requireAuth
.
We’ll work with The Guild and Yoga’s GraphiQL Playground to resolve this.
1 Like
Thanks for the help.
Do I have to set the authorization “bearer” token? If that is the case, where do I find the value that you have set in yours?
Isn’t the cookie value and the auth-provider enough?
Yes, the value after the Bearer is the user id.
It is needed because of the way the auth headers are parsed; see: redwood/packages/api/src/auth/index.ts at 230f79d07b50e8aad3635ffe1484531a6ae31342 · redwoodjs/redwood · GitHub
1 Like