Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Authorization Problems with remote Hoodie

See original GitHub issue

Hello, I have hoodie running in a separate project, there, my package.json just have one thing:

"dependencies": {
  "hoodie": "^22.0.4"
}

(i’ve also tried “git://github.com/hoodiehq/hoodie#tent”, same issues) Then I start it like this (I need to control all the ports and url because later I deploy this to heroku)

node_modules/hoodie/bin/start.js --admin-password 123 --port 4000 --db-url http://admin:123@127.0.0.1:5984 --bind-address localhost

I get “🐶 Your Hoodie app has started on http://localhost:4000”, okay, no problems here. (I’ve also tried changing localhost to 0.0.0.0 or 127.0.0.1, no luck)

For using, I add the hoodie script on my other project like this:

<script type="text/javascript" src="//localhost:4000/hoodie/client.js"></script>

And create the hoodie singleton like this (hoodie.js):

const hoodie = new Hoodie({url: 'http://localhost:4000'});
export default hoodie;

Which I import on the other files to do stuff.

But when I try to sign up for example, by using this:

hoodie.account.signUp({username, password})
    .then(...)
    .catch(...);

Those requests are made (copying from chrome and skipping the OPTIONS ones):

1 - account

curl ‘http://localhost:4000/hoodie/account/api/session/account’ -X PUT -H ‘Origin: http://localhost:8000’ -H ‘Accept-Encoding: gzip, deflate, sdch’ -H ‘Accept-Language: pt-BR,pt;q=0.8,en-US;q=0.6,en;q=0.4,zh;q=0.2,gl;q=0.2’ -H ‘User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2597.0 Safari/537.36’ -H ‘content-type: application/vnd.api+json’ -H ‘accept: application/vnd.api+json’ -H ‘Referer: http://localhost:8000/’ -H ‘Connection: keep-alive’ --data-binary ‘{“data”:{“type”:“account”,“attributes”:{“username”:“3”,“password”:“123”},“id”:“hwn2p6q”}}’ --compressed

Response

201 Created {“data”:{“type”:“account”,“attributes”:{“username”:“3”,“password”:“123”},“id”:“hwn2p6q”}}

2 - session

curl ‘http://localhost:4000/hoodie/account/api/session’ -X PUT -H ‘Origin: http://localhost:8000’ -H ‘Accept-Encoding: gzip, deflate, sdch’ -H ‘Accept-Language: pt-BR,pt;q=0.8,en-US;q=0.6,en;q=0.4,zh;q=0.2,gl;q=0.2’ -H ‘User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2597.0 Safari/537.36’ -H ‘content-type: application/vnd.api+json’ -H ‘accept: application/vnd.api+json’ -H ‘Referer: http://localhost:8000/’ -H ‘Connection: keep-alive’ --data-binary ‘{“data”:{“type”:“session”,“attributes”:{“username”:“3”,“password”:“123”}}}’ --compressed

Response

201 created {“links”:{“self”:“http://0.0.0.0:4000/session"},“data”:{“id”:“Mzo1NzU2QzJEMjo3KCIbT3ywciSszguYH4TA5oKSaw”,“type”:“session”,“relationships”:{“account”:{“links”:{“related”:“http://0.0.0.0:4000/session/account”},“data”:{“id”:“hwn2p6q”,“type”:“account”}}}},“included”:[{“id”:“hwn2p6q”,“type”:“account”,“attributes”:{“username”:“3”,“roles”:[]},“relationships”:{“profile”:{“links”:{“related”:“http://0.0.0.0:4000/session/account/profile”},“data”:{“id”:“hwn2p6q-profile”,“type”:“profile”}}}}],“meta”:{“id”:"1464094162685:rchaves-MacBook-Air.local:59312:iolfupsk:10004”}}

3 - user

curl ‘http://localhost:4000/hoodie/store/api/user%2Fhwn2p6q/’ -X OPTIONS -H ‘Access-Control-Request-Method: GET’ -H ‘Origin: http://localhost:8000’ -H ‘Accept-Encoding: gzip, deflate, sdch’ -H ‘Accept-Language: pt-BR,pt;q=0.8,en-US;q=0.6,en;q=0.4,zh;q=0.2,gl;q=0.2’ -H ‘User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2597.0 Safari/537.36’ -H ‘Accept: /’ -H ‘Referer: http://localhost:8000/’ -H ‘Connection: keep-alive’ -H ‘Access-Control-Request-Headers: accept, authorization’ --compressed

Response

401 Unauthorized

Then it keeps repeating the last request, with JS throwing

XMLHttpRequest cannot load http://localhost:4000/hoodie/store/api/user%2Fxy3hyvb/. Response for preflight has invalid HTTP status code 401

This also happens after sign in, and hoodie shows nothing on its logs, even running with the --verbose option.

Is this a CORS issue? What should I do? This setup used to work on very old hoodie versions (pre pouchdb)

Issue Analytics

  • State:closed
  • Created 7 years ago
  • Comments:14 (14 by maintainers)

github_iconTop GitHub Comments

2reactions
jameswestnzcommented, May 28, 2016

@gr2m: any reason we’re not using https://github.com/gr2m/hapi-cors-headers in Hoodie? I’ve just added it to my plugin, tweaked @hoodie/store-server slightly, and now everything is running as expected - errors gone, syncing working, logging out works great. That’s also all running through the webpack/angular2 environment.

I’m going to submit a PR so we can review - keen to see if it works for others.

0reactions
gr2mcommented, Jul 19, 2016

fyi the 401s after signin have been fixed via https://github.com/hoodiehq/hoodie-account-client/pull/103

Read more comments on GitHub >

github_iconTop Results From Across the Web

Considerations and limitations for using Hudi on Amazon EMR
Schema updated by default on upsert and insert – Hudi provides an interface, HoodieRecordPayload that determines how the input DataFrame and existing Hudi ......
Read more >
Dress Code - Headquarters Marine Corps
Inappropriate attire includes tank tops; sweatshirts; midriff tops, shirts with potentially offensive words, terms, logos, pictures, cartoons, or slogans;.
Read more >
Unpatched Zero-Day Vulnerabilities in Microsoft Exchange ...
Authenticated attackers who can access PowerShell Remoting on vulnerable Exchange systems will be able to trigger RCE using CVE-2022-41082.
Read more >
Professional Examination Rules - Pearson VUE
If you experience hardware or software problems or distractions that affect your ability to take the exam, notify the administrator.
Read more >
Django & React Tutorial #13 - Spotify API Tutorial ... - YouTube
This Django and React tutorial will cover how to use the Spotify Web API from python. You will learn how to authorize against...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

Bug: Displayed host in command line instructions is not accessible

Next page

Error Installing Camp Release On Windows Vista 32