Redwood Auth with no api side

Andre · April 2, 2024, 3:16am

Hey All,

I have a Redwood app with no api side. I’ve followed these instructions to remove it: Disable API/Database | RedwoodJS Docs. I also removed the Apollo Provider client from the web side.

I have now implemented authentication with Firebase and noticed the web side makes a graphql query call to the get current authenticated user: {"query":"query __REDWOOD__AUTH_GET_CURRENT_USER { redwood { currentUser } }"}

Is there a way I can disable that (see error below)?

{
    "errors": [
        {
            "message": "The RedwoodJS API server is not available or is currently reloading. Please refresh."
        }
    ]
}

I am running the latest and greatest version 7.3. Any help is appreciated!

KrisCoulson · April 2, 2024, 5:38am

I believe that you can go to your auth.tsx file or search your app for createAuth

it should look something like this createAuth(firebaseClient)

I think you can pass a second parameter to createAuth for useCurrentUser

So

createAuth(firebaseClient, { useCurrentUser: () => { something } })

Here is the redwood implementation redwood/packages/auth/src/AuthProvider/useCurrentUser.ts at 9a3ffdef7764fadb2c36114b1a1ed3091ce7d145 · redwoodjs/redwood · GitHub

This is where it makes the requests to the graphql backend.

I am not sure what your implementation will look like because I don’t use firebase but that should point you in the right direction

Andre · April 2, 2024, 7:54am

Hi @KrisCoulson this did the trick, thank you so much! Here’s what I’ve done as a quick proof of concept:

//src/auth.ts
export const { AuthProvider, useAuth } = createAuth(firebaseClient, {
  useCurrentUser: () =>
    new Promise((resolve, reject) => {
      const currentUser = firebaseAuth.getAuth().currentUser
      if (currentUser) {
        resolve({
          id: currentUser.uid,
          email: currentUser.email,
          roles: [],
        })
      } else {
        reject(new Error('No current user'))
      }
    }),
})

I need now to spend some more time understanding how the auth flow is implemented. My assumption was that after a successful login, the user would be automatically redirected but this is not happening.

UPDATE: I’ve ended up using the same trick that the “blog tutorial” uses on the LoginPage:

  useEffect(() => {
    if (isAuthenticated) {
      navigate(routes.home())
    }
  }, [isAuthenticated])

Tobbe · April 2, 2024, 10:57am

Just wanted to let you know there is even more coming on this front

github.com/redwoodjs/redwood

fix(cli): Update build and serve to handle the absence of the api side

redwoodjs:main ← redwoodjs:jgmw-fix/build-and-serve-without-api-side

opened 08:18AM - 19 Mar 24 UTC

Josh-Walker-GM

+72 -28

**Problem** This PR address the issue raised in #10264 which highlighted that `…yarn rw build` would fail for projects that have removed the `api` directory. **Changes** 1. The `yarn rw build` command now checks for the existence of the prisma schema file. It will not generate the prisma client if the file does not exist and it will not trigger prerendering if the schema file does not exist. 2. Updates the checks performed by `yarn rw serve` to handle the case when there is not API side a little nicer. It will offer more specific error messages when you run `yarn rw serve api` without an API side and it will tell you to run `yarn rw serve web` instead of `yarn rw serve` if you have no API side. **Concerns** 1. I'm not sure about adding checks for "does the API side even exist" anywhere we previously assumed it did. For now these checks only needed to happen in 2 places so I'm not that bothered about them but I can see how it could spiral out of control.

Mact1977 · April 2, 2024, 10:57am

It would be nice to have a custom authentication that allows you to manage the authentication using API Keys.

For example, add a configuration to the dbAuth class that allows the reset and forgot password methods to be disabled. In addition to that also an option that disable the hash function on the password.

dthyresson · April 3, 2024, 12:14am

Hi @Mact1977 i have been meaning to write up a way to use Unkey as either a yoga auth plugin or redwood auth provider.

But have a look at https://unkey.dev/ and maybe that would work for you. If so happy to discuss how to integrate in Redwood

Mact1977 · April 3, 2024, 5:08am

www.mybalancenow.com visa