deepstreamIO / deepstream.io

deepstream.io server
https://deepstreamio.github.io
MIT License

How to distinguish between invalid auth data and service unavailable with deepstream and webhook #1138

Closed slachtar closed 5 months ago

slachtar commented 7 months ago

Hello, I'm using a webhook to authenticate users: https://deepstream.io/tutorials/core/auth/http-webhook/ My webhook server is working great; it authenticates users against a database.

In the last days, the database went down, and my users in the front end see a message saying they've provided the wrong username or pass, which is totally wrong; they should see a message saying "service unavailable for the moment, please try again later".

My webhook can catch the DB-down error, but I don't know how to report this to the front end, which status code I should send, and how to retrieve it in the frontend DS client.

Any pointer to docs or an example is much appreciated. Regards,

jaime-ez commented 7 months ago

Hi,

You have to set permittedStatusCodes, retryStatusCodes and reportInvalidParameters in a way that handles your case.

Check the code here: https://github.com/deepstreamIO/deepstream.io/blob/fd801c69c3ff5bcb6b47a72672f7da6e413c42f4/src/services/authentication/http/http-authentication.ts#L100

If your server responds with a status code different than the permitted ones, and you set reportInvalidParameters to true, your server can send the right message in response.body that will be sent to clients.

Hope it helps, best
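
An added example (not part of the thread and not deepstream's own code) of a webhook that answers an outage differently from bad credentials, as the reply above suggests. The 401/503 choice, the `{error: {code}}` body and all function names are assumptions of this sketch. Because the body may be forwarded to clients when reportInvalidParameters is set, it carries only a stable code and never the raw database error.

```javascript
const crypto = require('crypto');
const http = require('http');

const hash = (pw, salt) => crypto.scryptSync(pw, salt, 32);

// Constructed sample store; `down: true` simulates the database outage.
function makeDb(down) {
  const salt = crypto.randomBytes(16);
  return { down, users: { alice: { salt, hash: hash('correct horse', salt) } } };
}

// Stand-in for the real (async) database query; throws when the DB is down.
async function lookupUser(db, username) {
  if (db.down) throw new Error('connect ECONNREFUSED (constructed)');
  const has = Object.prototype.hasOwnProperty.call(db.users, username);
  return has ? db.users[username] : null;
}

// Maps one auth request to { status, body }. 401/503 and the body shape are
// assumptions; align them with the server's status-code settings.
async function decide(db, authData) {
  const a = authData || {};
  let user;
  try {
    user = await lookupUser(db, String(a.username));
  } catch (err) {
    console.error('auth backend failure:', err.message); // detail stays in logs
    return { status: 503, body: { error: { code: 'SERVICE_UNAVAILABLE' } } };
  }
  const ok = user !== null &&
    crypto.timingSafeEqual(hash(String(a.password), user.salt), user.hash);
  return ok
    ? { status: 200, body: {} }
    : { status: 401, body: { error: { code: 'INVALID_CREDENTIALS' } } };
}

// HTTP wrapper: deepstream POSTs JSON that includes authData to the webhook.
function createWebhook(db) {
  return http.createServer((req, res) => {
    let raw = '';
    req.on('data', (chunk) => { raw += chunk; });
    req.on('end', async () => {
      let authData;
      try { authData = JSON.parse(raw).authData; } catch (e) { authData = null; }
      const { status, body } = await decide(db, authData);
      res.writeHead(status, { 'Content-Type': 'application/json' });
      res.end(JSON.stringify(body));
    });
  });
}
```

Unknown users and wrong passwords return the same 401 body, so the response does not reveal which usernames exist.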

slachtar commented 7 months ago

Hello, thanks for the hints, I applied the config for my DS server. In the logs of DS, I can see the error coming:

Jan 25 16:40:14 testsrv deepstream[395783]: INCOMING_CONNECTION | from undefined (127.0.0.1)
Jan 25 16:40:14 testsrv deepstream[395783]: AUTH_ERROR | http auth server error: {"error":{"errorno":1,"details":"db error"}}
Jan 25 16:40:14 testsrv deepstream[395783]: AUTH_UNSUCCESSFUL | invalid authentication data

But the AUTH_ERROR is never reported on the client; all I get in the login function is: success: false, clientData: { reason: 'INVALID_AUTHENTICATION_DETAILS' }

I'm using success true/false to know if the credentials are valid, and I show "invalid login credentials" on my front end in case of success: false.

What I want to display in the front end now is "service unavailable for the moment, please try again later", but I don't know how to get the AUTH_ERROR to be able to display such a message.

Just FYI, I'm running DS server 7.0.3.

Regards,

jaime-ez commented 7 months ago

OK, it seems to be a bug on the client side here: https://github.com/deepstreamIO/deepstream.io-client-js/blob/4320d058e34886a5422c4b18bc239c2b62c8bc49/src/connection/connection.ts#L575 The message.data should be passed to onAuthUnSuccessful in order to receive the server response. Instead, it has the prewritten message that you get.

I'm kind of busy now. If you can try to solve it, it would be great. It should be something like redefining onAuthUnSuccessful to accept an argument message and passing the message.parsedData as an argument, so that value (if defined) is assigned to the reason variable.

Best

slachtar commented 7 months ago

Thanks, I'll look into it.

jaime-ez commented 6 months ago

Check client v7.0.4; please reopen on the client repo if the problem persists.

jaime-ez commented 6 months ago

The server is not sending the right message.

jaime-ez commented 5 months ago

Solved in server v7.0.9.