Closed dcurletti closed 6 years ago
The issue is due to this line: https://github.com/kkemple/graphql-auth/blob/master/index.js#L41
It overrides the dynamic scope cb meaning that the scope is forever set to whatever it gets evaled to the very first time it is called.
hey @dcurletti! thanks for reporting the issue! is this something you would like to try and submit a PR for? if not I'll try to get to it in the next few days :smile:
Yea, I'll try to get it done today.
no rush! just wanted to see if you were interested in tackling it! also be sure to add yourself to contributors list!! 🙌
@dcurletti just wanted to follow up on this and see if you needed a second set of eyes, happy to help out in any way i can!
same thing here :-(
@dcurletti have you managed to fix this issue?
Guys I am actively using this package on my project. I also faced this problem and actually dynamic callback doesn't work at all except the very first time. Here is the pull request I created to fix this : https://github.com/kkemple/graphql-auth/pull/9
@BipinBhandari nice- I did the same as you, expect i only moved where the variable was being defined.
Can anyone explain me significance of Promise.resolve().then()
in https://github.com/kkemple/graphql-auth/blob/master/index.js#L41-L43
EDIT: I think it was just for performance. I have restored it to its original version in my PR.
puts that requiredScope
function at the end of the event loop, thereby freeing other functions to run before it gets called.
I'm assuming it is to protect against anyone doing a DB call, or any other long-running function, in their auth scope function.
just published 0.2.1
which includes #9, let me know if that resolves the issue
@kkemple Something seems to be wrong with the 0.2.1 npm package. There is no build folder.
Will fix in about 30 min and push out to NPM!
On Thu, Apr 12, 2018, 1:44 PM mitjade notifications@github.com wrote:
@kkemple https://github.com/kkemple Something seems to be wrong with the 0.2.1 npm package. There is no build folder.
— You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub https://github.com/kkemple/graphql-auth/issues/8#issuecomment-380888224, or mute the thread https://github.com/notifications/unsubscribe-auth/ADdjNJBWzgeL9-k8s2YjCcb7mpMnGxNSks5tn5JggaJpZM4Rt7xv .
@kkemple Still a problem. Will there be a new version or will you fix 0.2.1?
I have deployed 0.2.2 to resolve this issue!
@kkemple All ok now. Thank you!
great! thanks for your patience! going to close this issue, re-open if issue is not fully resolved!!
Dev setup:
graphql-auth
version: version "0.2.0"node
version: v6.11.1I am using graphql-auth with:
What you did:
I have an endpoint that is using the dynamic scope cb to change the scoped based on the params.
I log in to my app as User A with scope A I hit the above mutation I see the console log I receive the correct result I log out I log in to my app as User B with scope B I hit the above mutation I do not see a console log I get a permission denied error I terminate the server process I start the server process (I am still logged in with B from the previous session) I hit the above mutation I see the console log I receive the correct result I log out (with User B) I log in to my app as User A with scope A I hit the above mutation I do not see a console log I get a permission denied error
What happened:
In my context creation function, the one that puts
auth
on the context, I can see that the correct scopes are being applied. However, I believe the error has something to do with the dynamic cb being cached or not executed again (because I do not see the console log)