Setup Deploy FlightControl Broke Web -> API Communication

Hey all, I’ve been working on this project and wanted to deploy it to AWS. I’ve run yarn rw setup deploy flightcontrol, and everything seemed to be fine, but now my web side won’t log me into the app anymore.

I have a feeling it might be an issue with environment variable configuration but I can’t seem to figure it out. I have the REDWOOD_API_URL environment variable set to /.redwood/functions and REDWOOD_WEB_URL set to http://localhost:8910. It looks like the login request goes through successfully, but then the values from useAuth() in the web side never populate with my user information.

I’ve also noticed that I don’t actually see a functions directory inside of .redwood/, so that could be contributing as well.

This project is using version 4.5.0.

Does anyone have any idea what I might be doing wrong??

UPDATE: Something really weird is happening here. I haven’t changed any of the code, but now it lets me log in properly. When I log out and log in as a different user, though, the Auth Context still has my old user information in it.

The call to /auth when I hit the log in button returns my user ID as you would expect, but then the call to /auth?method=getToken returns nothing. If I go back to a previous commit when everything was working properly, that call also returns my user ID. So something seems to be broken there.

I had a feeling this might be related to CORS, so I followed all of the configuration steps in Cross-Origin Resource Sharing | RedwoodJS Docs. Unfortunately, still no luck.

Will continue to dig.

Welp, for reasons I don’t quite fully understand, whenever I ran the yarn rw setup deploy flightcontrol command, it changed the cookie configuration from SameSite: 'Strict' to SameSite: 'None', and that appears to have been the culprit.

For now I’m going to control it in a similar way to the Secure value:

SameSite: process.env.NODE_ENV === 'development' ? 'Strict' : 'None'

Reading through this issue was how I ended up figuring it out. I hope this post helps someone else not spend the amount of time I did debugging this problem.

1 Like

Update: Flightcontrol Setup has been improved

Per @ahoopes16 solution above, this is the configuration required for dbAuth to work locally during dev and when deployed via Flighcontrol


     SameSite: process.env.NODE_ENV === 'development' ? 'Strict' : 'None'

This is an easy, no downside update to the Flightcontrol deploy setup. I’ve created the PR here, which will be included in the pending v5 release:


  • this only applies to dbAuth
  • this change only affects local dev
  • mileage may vary based on local setup and Flightcontrol deploy customization

Thanks again @ahoopes16! I’m marking this as the solution but want to make sure the credit is given to you :rocket:

1 Like

@thedavid Thanks so much! It feels cool to have contributed somehow, even if indirectly. :sweat_smile: Have a great one!