Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

During signin, getSessionExp does not use token #18

Closed
EtienneBruines opened this issue Oct 10, 2024 · 3 comments
Closed

During signin, getSessionExp does not use token #18

EtienneBruines opened this issue Oct 10, 2024 · 3 comments
Assignees
@sandros94
Labels
bug Something isn't working

Comments

@EtienneBruines
Copy link

EtienneBruines commented Oct 10, 2024
edited
Loading

This is my code:

const { signin } = useSurrealAuth()

await signin({
  NS: 'my-ns',
  DB: 'my-db',
  AC: 'user',
  username,
  password,
})

When successfully getting a token from the SurrealDB server (I got a result via DevTools), this token is not used by the subsequent SELECT exp FROM $session that is queried during getSessionExp. No Authorization HTTP request header is present for that RPC call.

I tried using DevTools Debugger to figure out where this is going wrong. It seems like the correct values (the Authorization header with the Bearer token) are being passed to the surrealFetch (within the surrealRPC function), but the onRequest handler seems to remove it.

nuxt-surrealdb/src/runtime/plugin.ts

Lines 20 to 32 in 2191857

const surrealFetch = ofetch.create({
onRequest({ options }) {
const { baseURL, headers } = surrealFetchOptionsOverride(database, options)
if (!baseURL) {
createError({
statusCode: 500,
message: 'Missing SurrealDB URL',
})
}
options.baseURL = baseURL
options.headers = defu<HeadersInit, HeadersInit[]>(options.headers, { ...headers })
},
})

The result of surrealFetchOptionsOverride(database, options) does not contain the Authorization header any more. Ths is OK, because there is no auth preset defined.

When it then comes to the defu call, it cannot correctly handle options.headers being a fancy Headers object, where it cannot simply 'set' the header values. Thus, after the defu call, we're left with whatever was in headers (and not options.headers) - which is just the presets and not the options.headers (with token) that were passed along.

Potentially related: https://github.com/unjs/ofetch/releases/tag/v1.4.0
@sandros94
Copy link
Owner

Indeed that defu was something I was concerned about when reading the ofetch v1.4.0 release.

@sandros94 sandros94 self-assigned this Oct 10, 2024
@sandros94 sandros94 added the bug Something isn't working label Oct 10, 2024
@sandros94
Copy link
Owner

I started working on this one first, and it basically breaks the whole module 🙄

@sandros94
Copy link
Owner

sandros94 commented Oct 10, 2024
edited
Loading

@EtienneBruines please feel free to reopen if you experience any more problems after updating to the latest v0.4.0 release 🙏

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@sandros94 sandros94

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@EtienneBruines @sandros94