Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

GraphQL auth rules : Datastore & Flutter and NextJS

See original GitHub issue

Before opening, please confirm:

I have searched for duplicate or closed issues and discussions.
I have read the guide for submitting bug reports.
I have done my best to include a minimal, self-contained set of instructions for consistently reproducing the issue.

JavaScript Framework

Not applicable

Amplify APIs

GraphQL API, DataStore

Amplify Categories

auth, storage, api

Environment information

# Put output below this line
  System:
    OS: macOS 11.6
    CPU: (4) x64 Intel(R) Core(TM) i5-4288U CPU @ 2.60GHz
    Memory: 275.83 MB / 8.00 GB
    Shell: 5.8 - /bin/zsh
  Binaries:
    Node: 14.17.5 - /usr/local/bin/node
    npm: 8.1.3 - /usr/local/bin/npm
  Browsers:
    Chrome: 96.0.4664.55
    Firefox: 88.0
    Safari: 15.0
  npmGlobalPackages:
    @aws-amplify/cli: 7.5.2
    angular-cli: 1.0.0-beta.28.3
    browser-sync: 2.23.1
    buffer: 5.6.0
    cordova: 8.0.0
    dezalgo: 1.0.3
    inquirer: 7.3.3
    ionic: 5.4.16
    n: 7.3.1
    npm: 8.1.3
    typings: 2.1.1
    undefined: 0.1.0

Describe the bug

I am trying to set up auth rules for a Flutter app using Datastore but am not getting far. I have a Graphql model for which I want public to have read access and the owner to read, create, update and delete. I expected the following rule to work:

@auth(rules: [{allow: public, operations: [read]}, {allow: public, operations: [read], provider: iam}, {allow: owner}]) In this situation updates to the table don’t get synced up to the backend. I am using the standard command to save the data “await Amplify.DataStore.save(item)”.

The following rules work: @auth(rules: [{allow: public } ]) @auth(rules: [{allow: public }, {allow: public, provider: iam} ])

The following rules seem to have an effect in that the records are no longer synced down from the backend. I assume this is because the read operation is omitted from the list of owner operations:

@auth(rules: [{allow: public, operations: [read]}, {allow: public, operations: [read], provider: iam}, {allow: owner, operations: [create, update, delete] }]).

Any ideas why this doesn’t work as I think it should??

Expected behavior

please see the description above

Reproduction steps

Run amplify update API to included API,IAM and Cognito
Use Amplify console to change the auth rules
run amplify pull to download the graphql updates
run the flutter app

Code Snippet

// Put your code below this line.

Log output

// Put your logs below this line

aws-exports.js

No response

Manual configuration

No response

Additional configuration

No response

Mobile Device

ios simulator

Mobile Operating System

IOS 13

Mobile Browser

No response

Mobile Browser Version

No response

Additional information and screenshots

No response

Issue Analytics

State:
Created 2 years ago
Comments:9 (5 by maintainers)

Top GitHub Comments

1reaction

matthewappscommented, Dec 1, 2021

@chrisbonifacio many thanks Chris for the prompt responses. This explains a lot, however the documentation relates to the GraphQL api for flutter. I am using Datastore and because the crud commands are different I went to the Datastore documentation. The information here is confusing because there is a section that goes into some detail describing multi authorisation and also says

"To enable DataStore to use multiple authorization types based on the model’s @auth rules, configure the “auth mode strategy” when initializing DataStore "

but it doesn’t describe how to do this? I’ve googled for examples but cannot find an example for Futter only for Swift.

In the middle of all the documentation surrounding multi-auth there is a message saying the following: “DataStore multi-authorization is currently unsupported in Flutter. We are actively working on this.” Please follow this Github issue to track this missing feature.

This is why I’m now confused. Does multi-auth work for flutter? If so how can I configure the “auth mode strategy” for datastore?

Unfortunately single auth doesn’t really work for me because my use case includes both a mobile app written in Flutter and a nextjs app using the same backend - both of which have different authorisation needs.

I really appreciate your help.

Matt

0reactions

github-actions[bot]commented, Dec 4, 2022

This issue has been automatically locked since there hasn’t been any recent activity after it was closed. Please open a new issue for related bugs.

Looking for a help forum? We recommend joining the Amplify Community Discord server *-help channels or Discussions for those types of questions.

Top Results From Across the Web

Getting Started with Server-Side Rendering (SSR) - JavaScript

For Next.js, returned props from the server have to be valid JSON. Because DataStore.query(Model) returns instances of Model , you need the serializeModel ......

Learning how to use AWS Amplify in Flutter - LogRocket Blog

To check the GraphQL schema generated, navigate to amplify\backend\api\amplifyDatasource\schema. graphql and you should see the following: type ...

Authorize based on field value in another document in ...

I am new to Amplify Datastore & AppSync w/ GraphQL, but in Firestore, you can write an auth rule like: allow delete: if...

Complete Guide to Amplify and Next.js - DEV Community ‍ ‍

Amazon Cognito will handle Authentication. We will use AWS AppSync to develop our GraphQL API. Our data will be stored in Amazon DynamoDB, ......

Announcing AWS Amplify JavaScript library version 5

You can use nested predicates to create powerful filtering rules when fetching data using Datastore. You can also stack predicate filters if ...