Appwrite: [bug] - all login params are required

Created on 8 Sep 2019  路  3Comments  路  Source: appwrite/appwrite

Calling from JS aw.auth.login(this.username, this.password);

yields back

{"message":"Invalid success: URL host must be one of: https:\/\/appwrite.io, https:\/\/appwrite.test, http:\/\/appwrite.test, https:\/\/localhost, http:\/\/localhost, http:\/\/localhost\/v1","code":400,"file":"\/usr\/share\/nginx\/html\/vendor\/utopia-php\/framework\/src\/App.php","line":456,"trace":[{"file":"\/usr\/share\/nginx\/html\/vendor\/utopia-php\/framework\/src\/App.php","line":395,"function":"validate","class":"Utopia\App","type":"->","args":["success",{"default":null,"validator":{},"description":"URL to redirect back to your app after a successful login attempt.","optional":true,"value":null},"null"]},{"file":"\/usr\/share\/nginx\/html\/app\/app.php","line":793,"function":"run","class":"Utopia\App","type":"->","args":[{},{}]},{"file":"\/usr\/share\/nginx\/html\/public\/index.php","line":27,"args":["\/usr\/share\/nginx\/html\/app\/app.php"],"function":"include"}],"version":"latest"}

The 'success' and 'failure' URLs are still required by the backend.

This might be related to
https://github.com/utopia-php/framework/commit/5ac8c91de53166ca7c03c82b55ed717a66362876#diff-58980ac23a3a9a0b92abd9805eed1e78

in Utopia forcing default values? It's a bit hard to follow as I'm not sure what 'param' method is doing here:

https://github.com/appwrite/appwrite/blob/6a5f54615ac53951dfbb93b555f6ab3a9e5dcad2/app/controllers/auth.php#L35

Is param() call creating/invoking a validator directly?

The docs/examples are somewhat out of sync as well, as docs show

appwrite.users.login()

but it should be

appwrite.auth.login()

bug help wanted

Most helpful comment

Thanks. I may try to dig on this this evening or tomorrow.

To clarify @eldadfux - I'm trying to call the appwrite SDK from JS, and am just trying to get back the 200 or 401 and the corresponding payload to process and move on from that login point. The payload coming back is always '400' because of these missing fields.

All 3 comments

Yes, actually we had to change the original implementation after browsers started blocking 3rd party cookies that we were using for sessions. I guess the code examples got out of sync, I will make sure to fix it.

I will have to take a deeper look at the default param issue and see how we can fix it.

Thanks. I may try to dig on this this evening or tomorrow.

To clarify @eldadfux - I'm trying to call the appwrite SDK from JS, and am just trying to get back the 200 or 401 and the corresponding payload to process and move on from that login point. The payload coming back is always '400' because of these missing fields.

We are trying to remove the extra params required for the login and register methods in this issue: #268, Hopefully this will work for modern browsers and we'll only use the extra params as fallback for older ones.

Was this page helpful?
0 / 5 - 0 ratings