Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Tutorial 4.1: Update lib/auth code & remove warning about non-existent TS error (fixed via #5856, shipped in v2.1) #6158

Merged
merged 4 commits into from
Aug 8, 2022
Merged

Tutorial 4.1: Update lib/auth code & remove warning about non-existent TS error (fixed via #5856, shipped in v2.1) #6158

Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
aea574d
Update tutorial to reflect current state of lib/auth.*
Philzen Aug 7, 2022
56b6e21
Remove warning about TypeScript error (which doesn't exist anymore)
Philzen Aug 7, 2022
1dd9253
Degrade warning about non-implemented roles to info
Philzen Aug 7, 2022
aeb18a2
Remove info box for good as suggested by @tobbe
Philzen Aug 8, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
37 changes: 7 additions & 30 deletions docs/docs/tutorial/chapter4/authentication.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -728,7 +728,7 @@ export const isAuthenticated = () => {
return !!context.currentUser
}

export const hasRole = ({ roles }) => {
export const hasRole = (roles) => {
if (!isAuthenticated()) {
return false
}
Expand All @@ -751,7 +751,7 @@ export const hasRole = ({ roles }) => {
return currentUserRoles?.some((allowedRole) =>
roles.includes(allowedRole)
)
} else if (typeof context.currentUser.roles === 'string') {
} else if (typeof context?.currentUser?.roles === 'string') {
// roles to check is an array, currentUser.roles is a string
return roles.some(
(allowedRole) => context.currentUser?.roles === allowedRole
Expand All @@ -773,25 +773,16 @@ export const requireAuth = ({ roles }) => {
}
}
```

:::caution

At this point of the tutorial we have **not added roles** to our user model yet, therefore you can ignore the `hasRole` method in `api/src/lib/auth.js` for now.

If this bothers you, feel free to peek into [the tutorial chapter about Authorization](../chapter7/rbac.md) and add the missing field as described there.
:::




</TabItem>
<TabItem value="ts" label="TypeScript">

```ts title="api/src/lib/auth.ts"
import { AuthenticationError, ForbiddenError } from '@redwoodjs/graphql-server'
import { db } from './db'

export const getCurrentUser = async (session) => {
import type { DbAuthSession } from '@redwoodjs/api'

export const getCurrentUser = async (session: DbAuthSession<number>) => {
return await db.user.findUnique({
where: { id: session.id },
select: { id: true },
Expand All @@ -804,7 +795,7 @@ export const isAuthenticated = (): boolean => {

type AllowedRoles = string | string[] | undefined

export const hasRole = ({ roles }): boolean => {
export const hasRole = (roles: AllowedRoles): boolean => {
if (!isAuthenticated()) {
return false
}
Expand All @@ -827,7 +818,7 @@ export const hasRole = ({ roles }): boolean => {
return currentUserRoles?.some((allowedRole) =>
roles.includes(allowedRole)
)
} else if (typeof context.currentUser.roles === 'string') {
} else if (typeof context?.currentUser?.roles === 'string') {
// roles to check is an array, currentUser.roles is a string
return roles.some(
(allowedRole) => context.currentUser?.roles === allowedRole
Expand All @@ -849,23 +840,9 @@ export const requireAuth = ({ roles }: { roles?: AllowedRoles } = {}) => {
}
}
```

:::caution

At this point of the tutorial we have **not added roles** to our user model yet, therefore you can ignore the following error:

`Property 'roles' does not exist on type '{ id: number; email: string; }'.`

in the `hasRole` method in `api/src/lib/auth.ts` for now.

If this bothers you, feel free to peek into [the tutorial chapter about Authorization](../chapter7/rbac.md) and add the missing field as described there.
:::

</TabItem>
</Tabs>



The `getCurrentUser()` function is where the magic happens: whatever is returned by this function is the content of `currentUser`, in both the web and api sides! In the case of dbAuth, the single argument passed in, `session`, contains the `id` of the user that's logged in. It then looks up the user in the database with Prisma, selecting just the `id`. Let's add `email` to this list:

<Tabs groupId="js-ts">
Expand Down