twenty icon indicating copy to clipboard operation
twenty copied to clipboard

Published 20 hours ago verified publisher icon twentyhq

Server crash if 500 is thrown

Open guillim opened this issue 1 year ago • 5 comments
trafficstars

Bug Description

Context

I found out this issue locally running on macOS the command npx nx run twenty-server:start I was trying to sync emails on a setup where the google env var were not defined.

IS_SIGN_UP_DISABLED=false
# AUTH_MICROSOFT_ENABLED=false
# AUTH_MICROSOFT_CLIENT_ID=replace_me_with_azure_client_id
# AUTH_MICROSOFT_TENANT_ID=replace_me_with_azure_tenant_id
# AUTH_MICROSOFT_CLIENT_SECRET=replace_me_with_azure_client_secret
# AUTH_MICROSOFT_CALLBACK_URL=http://localhost:3000/auth/microsoft/redirect
# AUTH_GOOGLE_ENABLED=true
# AUTH_GOOGLE_CLIENT_ID=replace_me_with_google_client_id
# AUTH_GOOGLE_CLIENT_SECRET=replace_me_with_google_client_secret
# AUTH_GOOGLE_CALLBACK_URL=http://localhost:3000/auth/google/redirect
# AUTH_GOOGLE_APIS_CALLBACK_URL=http://localhost:3000/auth/google-apis/get-access-token
# AUTH_SSO_ENABLED=true

Image

The bug

The server crashes, and no other request can be handled by the server until it is manually restarted.

/Users/gl/Documents/twenty/packages/twenty-server/src/engine/core-modules/auth/filters/auth-rest-api-exception.filter.ts:26
        throw new UnauthorizedException(exception.message);
              ^
UnauthorizedException: Google apis auth is not enabled
    at AuthRestApiExceptionFilter.catch (/Users/gl/Documents/twenty/packages/twenty-server/src/engine/core-modules/auth/filters/auth-rest-api-exception.filter.ts:26:15)
    at ExceptionsHandler.invokeCustomFilters (/Users/gl/Documents/twenty/node_modules/@nestjs/core/exceptions/exceptions-handler.js:33:26)
    at ExceptionsHandler.next (/Users/gl/Documents/twenty/node_modules/@nestjs/core/exceptions/exceptions-handler.js:13:18)
    at /Users/gl/Documents/twenty/node_modules/@nestjs/core/router/router-proxy.js:13:35
    at processTicksAndRejections (node:internal/process/task_queues:95:5)```

Expected behavior

  • First of all, we should not display the option to sync email with google in this situation where the env var are missing.
  • Second, when the server handles this 500 error, it should catch it and return a more appropriate message.
  • Finally, the server should not freeze like that.
  • Bonus, we could keep track of these errors in sentry

To be discussed further with @charlesBochet

guillim avatar Nov 20 '24 13:11 guillim

Bumping this one to prio high

charlesBochet avatar Nov 20 '24 14:11 charlesBochet

I will like to work on this issue.

myspace20 avatar Nov 20 '24 14:11 myspace20

Did you find out anything @myspace20 ?

guillim avatar Nov 25 '24 09:11 guillim

I was a little busy. I will find some time to look at it again.

myspace20 avatar Nov 25 '24 09:11 myspace20

Technical suggestion

  • [ ] Catch this specific 500 error
  • [ ] Make sure catched 500 errors are sent to sentry for the Cloud version
  • [ ] Hide the option to sync email with google in this situation where the according env var is missing

FurtherMore

  • Investigate why server crashes entirely for this kind of error

guillim avatar Nov 25 '24 15:11 guillim

From what I see, the server crash happens with AuthException errors. I could reproduce with these items

  • InternalServerErrorException: Token has expired.
  • UnauthorizedException: Google apis auth is not enabled

However, If i manually throw an AuthExceptionCode.CLIENT_NOT_FOUND error (same class AuthException) from the GraphqlQueryFindOneResolverService then it is catched properly

My guess : Yoga catches properly the error. We need to find out who calls the other errors. Suspect :

  • @nestjs/core/router/router-proxy.js

Edit : after the first renaming of Errors, and little refacto, I cannot reproduce the error.

guillim avatar Dec 02 '24 16:12 guillim