How to dbauth authenticated requests from redwood playground?

I am trying to send authenticated requests to my api, and I am using dbauth for authentication.

I saw a previous post about sending authenticated requests to the server: Using the GraphQL Playground with authentication - #2 by dthyresson. But I could not make it work with dbauth.

I copied the value in from session in the application-tab in the dev-tools in chrome, when I set the value in playground’s “request headers” so did it not work.

Any idea on how to make it work?

@markymark I was able to reproduce the case where the Cookie header is being stripped in the playground request, such that the request isn’t authenticated correctly. I need to do some investigating but will write up an issue and will follow up there and post back with a solution.

1 Like

@markymark Update: We’re still diagnosing, but seems to be an issue with the GraphQL Playground.

As a workaround, if you use a product like https://paw.cloud to make requests, I have confirmed that setting the headers does let you make authenticated requests:

Here is without the cookie set, and unauthenticated (well, in truth a bad request for dbAuth as the cookie is not sent so the error is a little different):

And with cookie set:

Note: I set the posts query to @requireAuth.

We’ll work with The Guild and Yoga’s GraphiQL Playground to resolve this.

1 Like

Thanks for the help.

Do I have to set the authorization “bearer” token? If that is the case, where do I find the value that you have set in yours?

Isn’t the cookie value and the auth-provider enough?

Yes, the value after the Bearer is the user id.

It is needed because of the way the auth headers are parsed; see: redwood/index.ts at 230f79d07b50e8aad3635ffe1484531a6ae31342 · redwoodjs/redwood · GitHub

1 Like