amplify-js
amplify-js copied to clipboard
aws-amplify
Nuxt SSR with GraphQL IAM
Before opening, please confirm:
- [X] I have searched for duplicate or closed issues and discussions.
- [X] I have read the guide for submitting bug reports.
- [X] I have done my best to include a minimal, self-contained set of instructions for consistently reproducing the issue.
JavaScript Framework
Vue
Amplify APIs
Authentication, GraphQL API
Amplify Version
v6
Amplify Categories
auth, api
Backend
Amplify CLI
Environment information
# Put output below this line
System:
OS: macOS 14.2.1
CPU: (12) arm64 Apple M2 Pro
Memory: 47.16 MB / 32.00 GB
Shell: 5.9 - /bin/zsh
Binaries:
Node: 20.9.0 - ~/Library/pnpm/node
Yarn: 1.22.19 - /opt/homebrew/bin/yarn
npm: 10.1.0 - ~/Library/pnpm/npm
pnpm: 8.9.0 - ~/Library/pnpm/pnpm
Browsers:
Chrome: 121.0.6167.139
Safari: 17.2.1
npmPackages:
@headlessui/tailwindcss: ^0.2.0 => 0.2.0
@headlessui/vue: ^1.7.17 => 1.7.17
@heroicons/vue: ^2.1.1 => 2.1.1
@nuxt/devtools: ^1.0.8 => 1.0.8
@nuxtjs/i18n: 8.0.0 => 8.0.0
@tailwindcss/aspect-ratio: ^0.4.2 => 0.4.2
@tailwindcss/forms: ^0.5.6 => 0.5.7
autoprefixer: ^10.4.17 => 10.4.17
aws-amplify: ^6.0.13 => 6.0.13
nuxt: ^3.10.0 => 3.10.0
nuxt-svgo: ^4.0.0 => 4.0.0
postcss: ^8.4.33 => 8.4.33
tailwindcss: ^3.4.0 => 3.4.1
vue: ^3.3.13 => 3.4.15
vue-router: ^4.2.5 => 4.2.5
npmGlobalPackages:
corepack: 0.20.0
npm: 10.1.0
Describe the bug
After following the provided documentation for setting up Nuxt 3 with Amplify, I get the project to build locally. It seems to be working!
However, when it comes to pulling data from the GraphQL API that is behind IAM authentication. I've enabled unauthenticated users and assigned them an IAM using Amplify, which works on the client but not when using SSR behind IAM authentication,
Expected behavior
The user should be assigned an IAM allowing them to query from the GraphQL API despite being unauthenticated.
Reproduction steps
Honestly, you can recreate it in any way when using Nuxt SSR.
Log output
// Put your logs below this line
401 Unauthenticated
aws-exports.js
No response
Manual configuration
No response
Additional configuration
No response
Mobile Device
No response
Mobile Operating System
No response
Mobile Browser
No response
Mobile Browser Version
No response
Additional information and screenshots
No response
Hi @francesco-hayes 👋 thanks for raising this issue.
It sounds like you are running into issues using public iam on the server side.
We have a tagged release that you can use to test whether it resolves your issue. Please note these are not meant for production, only for verification.
Install these packages and versions in your project and let us know if it fixes the issue for you.
npm i [email protected] @aws-amplify/[email protected]
iam-auth-server.ebba1a4.0
Updating this issue to indicate that it's a bug, not a setup issue or question. Fix is linked above, and until this is merged/released please refer to @chrisbonifacio comment above.
Nuxt was recently updated, and since then, I have been having a hard time recreating the issue, so I haven't been able to check if installing those packages is the solution. Right now, my error logs are empty despite not returning anything from GraphQL. I'll update my post if I manage to find out why nothing is being triggered when using the graphQL client.
By chance, is there a way to set the authMode for the graphQL client? I see a 200 network request for cognito and wonder if the graphQL client just needs to know what authMode to use for the query.
@francesco-hayes yes, you can do for example:
const { errors, data: newTodo } = await client.models.Todo.list({
authMode: 'iam'
});
[email protected] @aws-amplify/[email protected] iam-auth-server.ebba1a4.0
This seems to have fixed the issue for me. I am now even able to refresh the page, and the data is pulled.
Do I have to specify what authMode to use, or will Amplify determine this if the user is logged in?
I tried the new aws-amplify update without those packages, and it isn't working anymore...
Did those changes actually get merged?
[email protected] @aws-amplify/[email protected] iam-auth-server.ebba1a4.0This seems to have fixed the issue for me. I am now even able to refresh the page, and the data is pulled.
Do I have to specify what authMode to use, or will Amplify determine this if the user is logged in?
Amplify, by default, will only attempt to authorize requests using the default auth mode in the amplifyconfiguration.json file. You need to specify the authMode if you need to authorize the request with something other than the default.
I tried the new aws-amplify update without those packages, and it isn't working anymore...
Did those changes actually get merged?
The fix has not been released yet, it has been merged to main and will be included in the next release. Apologies for the delay.
[email protected] @aws-amplify/[email protected] iam-auth-server.ebba1a4.0This seems to have fixed the issue for me. I am now even able to refresh the page, and the data is pulled. Do I have to specify what authMode to use, or will Amplify determine this if the user is logged in?
Amplify, by default, will only attempt to authorize requests using the default auth mode in the amplifyconfiguration.json file. You need to specify the authMode if you need to authorize the request with something other than the default.
I tried the new aws-amplify update without those packages, and it isn't working anymore... Did those changes actually get merged?
The fix has not been released yet, it has been merged to main and will be included in the next release. Apologies for the delay.
Gotcha, thanks for the prompt response! Once again, I really appreciate it.
I'll keep an eye out for that release.
Thank you everyone for reporting this issue, your patience is appreciated!
Closing this issue as the fix was just released. Please upgrade to v6.0.17.