Closed mbnoimi closed 3 years ago
I tried to set DB_SCHEMA=todolist
but I still get the same result.
I suspect there is something wrong in the dependencies, but I couldn't catch it
I'll check and get back to you
I'll check and get back to you
Thanks in advance.
I'm not sure if this related, but I preferred to report it just to take in the consideration.
$ npm audit fix
npm WARN deprecated mkdirp@0.5.4: Legacy versions of mkdirp are no longer supported. Please update to mkdirp 1.x. (Note that the API surface has changed to use Promises in 1.x.)
npm WARN deprecated bcrypt@3.0.8: versions < v5.0.0 do not handle NUL in passwords properly
npm WARN deprecated node-pre-gyp@0.14.0: Please upgrade to @mapbox/node-pre-gyp: the non-scoped node-pre-gyp package is deprecated and only the @mapbox scoped package will recieve updates in the future
added 19 packages, removed 17 packages, changed 37 packages, and audited 717 packages in 10s
5 packages are looking for funding
run `npm fund` for details
# npm audit report
bcrypt <5.0.0
Severity: moderate
Inadequate Encryption Strength - https://npmjs.com/advisories/1553
fix available via `npm audit fix --force`
Will install bcrypt@5.0.1, which is a breaking change
node_modules/bcrypt
minimist <0.2.1 || >=1.0.0 <1.2.3
Prototype Pollution - https://npmjs.com/advisories/1179
fix available via `npm audit fix`
node_modules/rc/node_modules/minimist
2 vulnerabilities (1 low, 1 moderate)
To address issues that do not require attention, run:
npm audit fix
To address all issues (including breaking changes), run:
npm audit fix --force
I tried to update the packages using npm-check-updates
but I get the following errors (usually it's working fine LB projects):
$ ncu -u
Upgrading /home/laptop/loopback4-starter/package.json
[====================] 31/31 100%
@loopback/boot ^1.4.4 → ^3.2.1
@loopback/context ^1.20.2 → ^3.14.1
@loopback/core ^1.8.5 → ^2.14.1
@loopback/openapi-v3 ^1.7.0 → ^5.1.4
@loopback/repository ^1.8.2 → ^3.4.1
@loopback/rest ^1.16.3 → ^9.1.3
@loopback/rest-explorer ^1.2.5 → ^3.1.0
@loopback/service-proxy ^1.2.3 → ^3.0.7
bcrypt ^3.0.6 → ^5.0.1
db-migrate ^0.11.11 → ^0.11.12
dotenv ^8.0.0 → ^8.2.0
dotenv-extended ^2.4.0 → ^2.9.0
lodash ^4.17.19 → ^4.17.21
loopback-connector ^4.8.0 → ^5.0.1
loopback-connector-kv-redis ^3.0.1 → ^4.0.0
loopback-connector-postgresql ^3.7.0 → ^5.3.0
loopback4-authentication ^2.1.1 → ^4.1.0
loopback4-authorization ^2.3.2 → ^3.2.0
loopback4-soft-delete ^1.2.0 → ^3.1.0
@loopback/build ^2.0.5 → ^6.2.9
@loopback/testlab ^1.6.3 → ^3.2.12
@types/jsonwebtoken ^8.3.2 → ^8.5.0
@types/node ^10.11.2 → ^14.14.31
eslint ^6.0.1 → ^7.20.0
tslint ^5.18.0 → ^5.20.1
typescript ^3.5.2 → ^4.2.2
Run npm install to install new versions.
$ npm install
npm ERR! code ERESOLVE
npm ERR! ERESOLVE unable to resolve dependency tree
npm ERR!
npm ERR! While resolving: loopback4-starter@1.0.1
npm ERR! Found: @loopback/boot@3.2.1
npm ERR! node_modules/@loopback/boot
npm ERR! @loopback/boot@"^3.2.1" from the root project
npm ERR!
npm ERR! Could not resolve dependency:
npm ERR! peer @loopback/boot@"^2.1.2" from loopback4-authentication@4.1.0
npm ERR! node_modules/loopback4-authentication
npm ERR! loopback4-authentication@"^4.1.0" from the root project
npm ERR!
npm ERR! Fix the upstream dependency conflict, or retry
npm ERR! this command with --force, or --legacy-peer-deps
npm ERR! to accept an incorrect (and potentially broken) dependency resolution.
npm ERR!
npm ERR! See /home/laptop/.npm/eresolve-report.txt for a full report.
npm ERR! A complete log of this run can be found in:
npm ERR! /home/laptop/.npm/_logs/2021-02-27T07_35_37_865Z-debug.log
@mbnoimi I'll try to upgrade this starter kit to latest LB4 versions over this weekend. Or, if you want to contribute, it will be just fine. But seems like you are facing issues. Let me know.
I just merged one PR -> https://github.com/sourcefuse/loopback4-starter/pull/65 which upgrades some of the LB4 deps. Can you please check now ?
Can you please check now ?
Now, I'm able to see a more detailed error message as following:
{
"error": {
"statusCode": 401,
"name": "UnauthorizedError",
"message": {
"length": 177,
"name": "error",
"severity": "ERROR",
"code": "42703",
"hint": "Perhaps you meant to reference the column \"auth_clients.deleted\".",
"position": "18",
"file": "parse_relation.c",
"line": "3504",
"routine": "errorMissingColumn"
}
}
}
But to be accurate. You didn't update the project to recent packages because I'm still see a differences:
Yes I didn't. This was an old PR from another contributor which I merged.
Can you please check now ?
Now, I'm able to see a more detailed error message as following:
{ "error": { "statusCode": 401, "name": "UnauthorizedError", "message": { "length": 177, "name": "error", "severity": "ERROR", "code": "42703", "hint": "Perhaps you meant to reference the column \"auth_clients.deleted\".", "position": "18", "file": "parse_relation.c", "line": "3504", "routine": "errorMissingColumn" } } }
But to be accurate. You didn't update the project to recent packages because I'm still see a differences:
Now this error means we are trying to reference a non existing column. Can you show me your auth-client.model.ts ?
Can you show me your auth-client.model.ts ?
import {model, property} from '@loopback/repository';
import {IAuthClient} from 'loopback4-authentication';
import {BaseEntity} from './base-entity.model';
@model({
name: 'auth_clients',
})
export class AuthClient extends BaseEntity implements IAuthClient {
@property({
type: 'number',
id: true,
})
id?: number;
@property({
type: 'string',
required: true,
name: 'client_id',
})
clientId: string;
@property({
type: 'string',
required: true,
name: 'client_secret',
})
clientSecret: string;
@property({
type: 'string',
required: true,
})
secret: string;
@property({
type: 'string',
name: 'redirect_url',
})
redirectUrl?: string;
@property({
type: 'array',
itemType: 'number',
name: 'user_ids',
})
userIds: number[];
@property({
type: 'number',
required: true,
name: 'access_token_expiration',
})
accessTokenExpiration: number;
@property({
type: 'number',
required: true,
name: 'refresh_token_expiration',
})
refreshTokenExpiration: number;
@property({
type: 'number',
required: true,
name: 'auth_code_expiration',
})
authCodeExpiration: number;
constructor(data?: Partial<AuthClient>) {
super(data);
}
}
Ah ! Got it. There has been a major upgrade of soft-delete package here. With that upgrade, you need to add 2 new columns to all tables where you are inheriting from BaseEntity or SoftDeleteEntity class. Columns are deleted_on, deleted_by. Refer to this -> https://github.com/sourcefuse/loopback4-soft-delete/blob/v3.0.0/src/models/soft-delete-entity.ts
Also this changelog -> https://github.com/sourcefuse/loopback4-soft-delete/releases/tag/v3.0.0
There has been a major upgrade of soft-delete package here. With that upgrade, you need to add 2 new columns to all tables
Oops, I'll try to do it manually, but I believe it's time to use LB ORM instead of using db-migrate
. Does it?
Do I've to modify the tables and models too?
ORM is loopback-juggler only. I just dont use Loopback migrations as they are not reliable.
Read the warning here -> https://loopback.io/doc/en/lb4/Database-migrations.html
Do I've to modify the tables and models too?
No need to update models. Just the tables in DB.
No need to update models. Just the tables in DB.
Do I've to modify 20190430110622-init-script-up.sql to for the future setups?
BTW, I opened a feature request https://github.com/strongloop/loopback-next/issues/7119 for adding templates in LB
No need to update models. Just the tables in DB.
Do I've to modify 20190430110622-init-script-up.sql to for the future setups?
Yeah. If you can raise a PR for this, it will be a great help. Or, you can generate a new migration script adding these columns using alter script. Raise a PR, I can review and merge.
BTW, I opened a feature request strongloop/loopback-next#7119 for adding templates in LB
Great to hear. I'll upvote it.
/auth/login
works fine while /auth/token
doesn't!
/auth/login
{
"client_id": "webapp",
"client_secret": "saqw21!@",
"username": "super_admin",
"password": "test123!@#"
}
Response:
{
"code": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjbGllbnRJZCI6IndlYmFwcCIsInVzZXJJZCI6MSwiaWF0IjoxNjE0NDI0MjQ2LCJleHAiOjE2MTQ0MjQ0MjYsImF1ZCI6IndlYmFwcCIsImlzcyI6ImxiX2FwaSIsInN1YiI6InN1cGVyX2FkbWluIn0.KnEHLa5BZIga6TyogUEm8S4BqYgJGlyi2XiC4Bl8Pqk"
}
/auth/token
{
"code": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjbGllbnRJZCI6IndlYmFwcCIsInVzZXJJZCI6MSwiaWF0IjoxNjE0NDI0MjQ2LCJleHAiOjE2MTQ0MjQ0MjYsImF1ZCI6IndlYmFwcCIsImlzcyI6ImxiX2FwaSIsInN1YiI6InN1cGVyX2FkbWluIn0.KnEHLa5BZIga6TyogUEm8S4BqYgJGlyi2XiC4Bl8Pqk",
"clientId": "webapp",
"username": "super_admin"
}
Response:
{
"error": {
"statusCode": 401,
"name": "UnauthorizedError",
"message": "Invalid Credentials"
}
}
Logs ? Can you debug inside the login.controller.ts ?
Logs ? Can you debug inside the login.controller.ts ?
I don't know how to debug (I'm still a newbie in LB) but the terminal doesn't show any error, so I tried to enable logging depending on LB instructions, but I get this error:
$ npm install --save @loopback/logging
npm ERR! code ERESOLVE
npm ERR! ERESOLVE unable to resolve dependency tree
npm ERR!
npm ERR! While resolving: loopback4-starter@1.0.1
npm ERR! Found: @loopback/rest@7.0.1
npm ERR! node_modules/@loopback/rest
npm ERR! @loopback/rest@"^7.0.1" from the root project
npm ERR!
npm ERR! Could not resolve dependency:
npm ERR! peer @loopback/rest@"^9.1.3" from @loopback/logging@0.4.7
npm ERR! node_modules/@loopback/logging
npm ERR! @loopback/logging@"^0.4.1" from the root project
npm ERR!
npm ERR! Fix the upstream dependency conflict, or retry
npm ERR! this command with --force, or --legacy-peer-deps
npm ERR! to accept an incorrect (and potentially broken) dependency resolution.
I'll check it then. Basically you debug using vs code
I run DEBUG=*login*,*token* npm start
but I got nothing heheh
@samarpan-b Looks like it has something to do with #2639 Unable to fetch role via userTenants in the createJWT function
@mbnoimi @kevinjasti can u guys check with the latest now ?
@mbnoimi @kevinjasti can you confirm if it is okay to close this issue?
Closing it for now.
I had this error after cloning latest repo and updating dependencies - the soft delete package required the following to be added to most if not all existing tables in the SQL files
deleted_on timestamptz DEFAULT CURRENT_TIMESTAMP NOT NULL ,
deleted_by integer ,
I don't understand the internals enough to do a PR, just putting this up here for anyone who encounters the issue.
Thanks @rlyttle . Thats a new breaking change in soft delete package. Refer this - https://github.com/sourcefuse/loopback4-soft-delete/pull/14
@samarpan-b thanks. Is there not a need to re-open this bug and issue a PR with updated SQL files?
I think it was optional. If not, then yes. Can you raise a new issue to evaluate and put a fix to it @rlyttle ?
Whenever I call
/auth/login-token
or/auth/login
I get the following response: Request:Response:
.env:
DB structure: More info:
NOTE: I tried to use both options
JWT_SECRET=plmnkoxswqaz
&JWT_SECRET=plmnkoqazxsw
, but I always get the same result.