fauna-labs / fauna-schema-migrate

The Fauna Schema Migrate tool helps you set up Fauna resources as code and perform schema migrations.
MIT No Attribution
88 stars 11 forks source link

Unauthorized access issues #100

Closed PaddyShiel89 closed 3 years ago

PaddyShiel89 commented 3 years ago

Hi

I've been trying to get this set up for the last few days with no luck. I've got a Fauna Dev docker container running which I can read and write data to, as well as a cloud database. All my environment variables are set up through Vercel in production and in an .env.local file in development.

I've installed fauna-schema-migrate and can run init and generate. However, when I try to run state or apply, I get the same error, which I've copied below.

I don't know what I'm doing wrong. I've tried a couple of different admin keys, both from my production site and the ones I set up for development, and also secret.

Any pointers would be very much appreciated!

Unauthorized: unauthorized
      ╭──────────────────────────────────────────────────────────────────────────────╮
      │{                                                                             │
      │  "name": "Unauthorized",                                                     │
      │  "message": "unauthorized",                                                  │
      │  "description": "Unauthorized",                                              │
      │  "requestResult": {                                                          │
      │    "method": "POST",                                                         │
      │    "path": "",                                                               │
      │    "query": null,                                                            │
      │    "requestRaw": "{\"if\":{\"exists\":{\"collection\":\"migrations\"}},\"then│
      │\":{\"let\":[{\"setref\":{\"documents\":{\"collection\":\"migrations\"}}}],\"i│
      │n\":{\"map\":{\"lambda\":\"x\",\"expr\":{\"get\":{\"var\":\"x\"}}},\"collectio│
      │n\":{\"paginate\":{\"var\":\"setref\"},\"size\":10000}}},\"else\":{\"let\":[{\│
      │"col\":{\"create_collection\":{\"object\":{\"name\":\"migrations\"}}}},{\"ref\│
      │":{\"select\":[\"ref\"],\"from\":{\"var\":\"col\"}}}],\"in\":{\"let\":[{\"setr│
      │ef\":{\"documents\":{\"var\":\"ref\"}}}],\"in\":{\"map\":{\"lambda\":\"x\",\"e│
      │xpr\":{\"get\":{\"var\":\"x\"}}},\"collection\":{\"paginate\":{\"var\":\"setre│
      │f\"},\"size\":10000}}}}}",                                                    │
      │    "requestContent": {                                                       │
      │      "if": {                                                                 │
      │        "exists": {                                                           │
      │          "collection": "migrations"                                          │
      │        }                                                                     │
      │      },                                                                      │
      │      "then": {                                                               │
      │        "let": [                                                              │
      │          {                                                                   │
      │            "setref": {                                                       │
      │              "documents": {                                                  │
      │                "collection": "migrations"                                    │
      │              }                                                               │
      │            }                                                                 │
      │          }                                                                   │
      │        ],                                                                    │
      │        "in": {                                                               │
      │          "map": {                                                            │
      │            "lambda": "x",                                                    │
      │            "expr": {                                                         │
      │              "get": {                                                        │
      │                "var": "x"                                                    │
      │              }                                                               │
      │            }                                                                 │
      │          },                                                                  │
      │          "collection": {                                                     │
      │            "paginate": {                                                     │
      │              "var": "setref"                                                 │
      │            },                                                                │
      │            "size": 10000                                                     │
      │          }                                                                   │
      │        }                                                                     │
      │      },                                                                      │
      │      "else": {                                                               │
      │        "let": [                                                              │
      │          {                                                                   │
      │            "col": {                                                          │
      │              "create_collection": {                                          │
      │                "object": {                                                   │
      │                  "name": "migrations"                                        │
      │                }                                                             │
      │              }                                                               │
      │            }                                                                 │
      │          },                                                                  │
      │          {                                                                   │
      │            "ref": {                                                          │
      │              "select": [                                                     │
      │                "ref"                                                         │
      │              ],                                                              │
      │              "from": {                                                       │
      │                "var": "col"                                                  │
      │              }                                                               │
      │            }                                                                 │
      │          }                                                                   │
      │        ],                                                                    │
      │        "in": {                                                               │
      │          "let": [                                                            │
      │            {                                                                 │
      │              "setref": {                                                     │
      │                "documents": {                                                │
      │                  "var": "ref"                                                │
      │                }                                                             │
      │              }                                                               │
      │            }                                                                 │
      │          ],                                                                  │
      │          "in": {                                                             │
      │            "map": {                                                          │
      │              "lambda": "x",                                                  │
      │              "expr": {                                                       │
      │                "get": {                                                      │
      │                  "var": "x"                                                  │
      │                }                                                             │
      │              }                                                               │
      │            },                                                                │
      │            "collection": {                                                   │
      │              "paginate": {                                                   │
      │                "var": "setref"                                               │
      │              },                                                              │
      │              "size": 10000                                                   │
      │            }                                                                 │
      │          }                                                                   │
      │        }                                                                     │
      │      }                                                                       │
      │    },                                                                        │
      │    "responseRaw":                                                            │
      │"{\"errors\":[{\"code\":\"unauthorized\",\"description\":\"Unauthorized\"}]}",│
      │    "responseContent": {                                                      │
      │      "errors": [                                                             │
      │        {                                                                     │
      │          "code": "unauthorized",                                             │
      │          "description": "Unauthorized"                                       │
      │        }                                                                     │
      │      ]                                                                       │
      │    },                                                                        │
      │    "statusCode": 401,                                                        │
      │    "responseHeaders": {                                                      │
      │      ":status": 401,                                                         │
      │      "www-authenticate": "Basic realm=\"Unauthorized\"",                     │
      │      "x-txn-time": "1630247341604268",                                       │
      │      "x-faunadb-build": "082421.214623-ea103a1",                             │
      │      "content-length": "65",                                                 │
      │      "content-type": "application/json;charset=utf-8"                        │
      │    },                                                                        │
      │    "startTime": 1630247342128,                                               │
      │    "endTime": 1630247342244                                                  │
      │  }                                                                           │
      │}                                                                             │
      ╰──────────────────────────────────────────────────────────────────────────────╯
github-actions[bot] commented 3 years ago

Internal ticket number is LABS-68

rts-rob commented 3 years ago

Hi @PaddyShiel89 - thanks for reporting.

Is the database you're trying to connect to in the Classic region or one of EU/US?

If so, you must set the FAUNADB_DOMAIN environment variable explicitly. You must also set it to connect to Fauna Dev locally.

For example, for the US Region Group, you would do:

export FAUNADB_DOMAIN=db.us.fauna.com

And for Fauna Dev, you would also need the scheme and port, for example:

export FAUNADB_DOMAIN=db.us.fauna.com
export FAUNADB_PORT=8443
export FAUNADB_SCHEME=http

Let me know if this helps.

PaddyShiel89 commented 3 years ago

Hi Rob

Thanks for this. I do use the EU server, and I've already set the FAUNADB_DOMAIN variable in both production and local environments. Below are my variables for both environments, with private keys removed;

# .env.local
FAUNA_ADMIN_KEY=<removed>
FAUNADB_DOMAIN=localhost
FAUNADB_SCHEME=http
FAUNADB_PORT=8443

NEXT_PUBLIC_FAUNA_ADMIN_KEY=<removed, same as local FAUNA_ADMIN_KEY>
NEXT_PUBLIC_FAUNA_DOMAIN=localhost
NEXT_PUBLIC_FAUNA_GRAPHQL_ENDPOINT=http://localhost:8084/graphql
NEXT_PUBLIC_FAUNA_PORT=8443
NEXT_PUBLIC_FAUNA_SCHEME=http
# Vercel .env setup
FAUNA_ADMIN_KEY=<removed>
FAUNADB_SCHEME=https
FAUNADB_DOMAIN=db.eu.fauna.com

NEXT_PUBLIC_FAUNA_ADMIN_KEY=<removed, same as Vercel FAUNA_ADMIN_KEY>
NEXT_PUBLIC_FAUNA_DOMAIN=db.eu.fauna.com
NEXT_PUBLIC_FAUNA_GRAPHQL_ENDPOINT=https://graphql.eu.fauna.com/graphql
NEXT_PUBLIC_FAUNA_PORT=8443
NEXT_PUBLIC_FAUNA_SCHEME=https
NEXTAUTH_URL=https://dnd-compendium-five.vercel.app
rts-rob commented 3 years ago

What happens when you export those environment variables into your actual environment?

This tool doesn't (yet) support dotenv - see #18. We're looking at this issue right now and hope to bring the feature in soon.

PaddyShiel89 commented 3 years ago

What happens when you export those environment variables into your actual environment?

Sorry to be dim, but what do you mean?

rts-rob commented 3 years ago

Fauna Schema Migrate currently requires on actual environment variables being set, not loading them from .env files like your Next.js application does.

To set those variables, you have to run the following commands in your terminal/shell (Fauna Dev commands provided):

macOS/Linux

export FAUNA_ADMIN_KEY=<removed>
export FAUNADB_DOMAIN=localhost
export FAUNADB_SCHEME=http
export FAUNADB_PORT=8443

Windows

set FAUNA_ADMIN_KEY=<removed>
set FAUNADB_DOMAIN=localhost
set FAUNADB_SCHEME=http
set FAUNADB_PORT=8443

Be aware that this will add those commands to your shell history. To avoid this, on macOS/Linux you can add a leading space before "export".

PaddyShiel89 commented 3 years ago

I've tried this now, and initially it looked like it worked. It connected to the dev database at least. I generated migrations however when I tried to apply them, it said there was an error that certain collections and indexes were already applied. As I'm still in early development I thought I'd delete the database and start afresh so everything was in sync.

I deleted the databases - both local and on Fauna - and created new ones and updated the key in my system environment variables. However, now I'm getting the exact same error I started with.

Update Okay, so I deleted my node_modules folder and reinstalled everything - it's looking like it's working now! However, although it says the below, my cloud database hasn't actually updated;

    ✔ Retrieved current migration state
      ╭────────────────────────────────────────╮
      │2021-08-31T19:59:48.060Z  ← cloud state │
      │                          ← apply target│
      ╰────────────────────────────────────────╯

I'm assuming that's because my FAUNA_ADMIN_KEY in my system environment variables is set to secret. I just wanted to check before changing anything else again - should this be set to the admin key of the cloud database?

Thanks for all your help so far!

rts-rob commented 3 years ago

I believe that means that you're still pointing to your local Fauna Dev instance.

In FSM, "cloud state" means "state of your database" as opposed to "the migrations you've generated." If your environment variables are still pointing to Fauna Dev, then "cloud" means Fauna Dev too.

I'm going to close this issue as it doesn't appear to be bug related. If we need to follow up, please tag me (rob) in the Fauna forums.