Closed skim037 closed 9 months ago
fjnoyp
commented
1 year ago Hi @skim037 thanks for sharing this issue.
How are you performing user sign ins? Are you using authenticator and if you call Amplify.Auth.fetchAuthSession before the Datastore save, is a valid user id printed out?
Also, can you share the code to you save command. These details will help me reproduce your issue on my side.
skim037
commented
1 year ago Hi @fjnoyp
When my app starts, it generates UserLoginInitiated event.
And this is how I handle this event.
on<UserLoginInitiated>((event, emit) async {
try {
final userInfo = await authRepo.attemptAutoSignIn();
final credentials = AuthCredentials(
userId: userInfo['userId'],
email: userInfo['email'],
registered: false);
In AuthRepository class, I have
Future<Map> attemptAutoSignIn() async {
final session = await Amplify.Auth.fetchAuthSession();
if (session.isSignedIn) {
return await fetchUserIdFromAttribute();
} else {
throw Exception('Not signed in');
}
}
Future<Map> fetchUserIdFromAttribute() async {
final attributes = await Amplify.Auth.fetchUserAttributes().timeout(const Duration(seconds: 5),);
final subAttribute = attributes
.firstWhere((element) => element.userAttributeKey.key == 'sub');
final emailAttribute = attributes
.firstWhere((element) => element.userAttributeKey.key == 'email');
final userId = subAttribute.value;
final email = emailAttribute.value;
final userInfo = {"email": email, "userId": userId};
return userInfo;
}
My save operation looks like below.
Future<void> saveProfile(Profile profile) async {
try {
await Amplify.DataStore.save(profile);
} on Exception catch (e) {
rethrow;
}
}I verified that I have proper token and user Id when I call below operation before trying to save the data.
final session = await Amplify.Auth.fetchAuthSession(
options: CognitoSessionOptions(getAWSCredentials: true),
);Hi @skim037 thanks for the detailed response here. I've been able to reproduce your issue and I think your problem is with a cli auth/api setup.
I was not able to save the model like you. I did the following: 1) add api and save model with datastore 2) add auth 3) add auth rules to model 4) save model with datastore no longer works even with signed in user
This is because the auth rules for your api category are not configured properly in the cli.
If you did the same as I did above, you probably got the following when you ran amplify codegen models:
InvalidDirectiveError: @auth directive with 'userPools' provider found, but the project has no Cognito User Pools authentication provider configured.
You need to fix this by configuring api correctly with amplify cli:
amplify update api ? Please select from one of the below mentioned services: GraphQL ? Select from the options below Update auth settings ? Choose the default authorization type for the API Amazon Cognito User Pool Use a Cognito user pool configured as a part of this project. ? Configure additional auth types? Yes ? Choose the additional authorization types you want to configure for the API API key API key configuration ? Enter a description for the API key: Public API ? After how many days from now the API key should expire (1-365): 365
Since you already have an auth user, I don't know if making this update will work for that user account. The safest would be to regenerate your backend and to apply the above steps to properly configure auth for api.
skim037
commented
1 year ago Hi @fjnoyp
I was able to get owner strategy to work after reading your reply. I think the issue has to do with what I choose for default authorization type. I was using API Key as a default authorization type and Amazon Cognito User Pool as an additional auth type. This did not work even when I initialize new environment and try to save a new record. After I update auth to use Amazon Cognito User Pool as a default type and API Key as an additional type, and initialize new environment, the owner strategy started to work. Could you verify this and address this issue if this is not intentional? I think I'm unblocked for now. Thanks for looking into this.
I ran into another issue but I will open a separate case for this one.
cwomack
commented
1 year ago Possibly related to #1693
Equartey
commented
9 months ago Hi @skim037, looks like this issue was resolved and subsequent updates have been released since the original issue was observed. I'm going to mark this as pending close, if you are still experiencing an issue please respond and we will take a look.
Jordan-Nelson
commented
9 months ago Closing this out since we have not heard back. If you are still facing an issue let us know and we can reopen the issue.
Description
I've been trying to apply owner strategy to restrict the access to data but it hasn't been successful so far.
I have a model that looks like this
After authenticating user using Cognito by logging in, when the app tries to write a record in Profile table, nothing happens. Write happens only when I add
{ allow: public, operations: [create, read]},to the model.As far as I know, there is no code changes required to get this working. I tried after running
amplify codegen modelsbut didn't work.I've been struggling with this for days. Not sure if this is a bug or miss on my side. Any suggestions would be appreciated.
Categories
Steps to Reproduce
No response
Screenshots
No response
Platforms
Android Device/Emulator API Level
No response
Environment
Dependencies
Device
iPhone 12
OS
iOS 16.1.2
Deployment Method
Amplify CLI
CLI Version
10.5.2
Additional Context
No response
Amplify Config
?