Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Custom X-Hasura headers ignored when authorization passed
See original GitHub issueConsider an app that allows anonymous viewing of shared data through a ‘code’. The code is passed via an X-Hasura-Share header. An Hasura permission role viewer is created and set as default for the unauthenticated. This viewer role enables read only permission for the row whose id matches the X-Hasura-Share value. This all works great.
However, when an authenticated user (passing authorization header with correct token) tries to use that same share code, Hasura returns no data. This happens even though the X-Hasura-Role is set to viewer in the request headers (and the authenticated user is allowed that role). Note that Hasura does not error at all, it just returns an empty data set. It seems that as soon as the auth header is set the X-Hasura-Share header is ignored.
Is this behaviour expected or a bug?
Issue Analytics
- State:
- Created 3 years ago
- Comments:6 (3 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
I think it may not be documented: https://github.com/hasura/graphql-engine/issues/4101
My original question is answered (is it expected behaviour or a bug) so I will close this issue and follow the other one’s linked to. Thanks again!