When I try to authorize new sign up I get the above error message. This worked earlier, and nothing in my code has changed, so I worry this has something to do with Identity backend which is invisible to me.
My GoTrue code is based on the examples from @shortdiv
auth
.confirm(credentials.token)
.then((response) => {
console.log(“Confirmed”)
credentials.token = null;
dispatch(“attemptLogin”, credentials);
resolve(response);
})
.catch((error) => {
reject(error);
console.log(error);
});
I have done enough debugging to confirm that the credentials object has all the correct info, and that the error occurs before “attemptLogin” is dispatched.
Looking at the browser’s network dev tools I see that the POST call to .netlify/identity/verify is successful and returns an access token, but the subsequent call to .netlify/identity/user triggers the above error. This error occurs in both Chrome and Firefox.
To see for yourself please try signing up at www.dev.getgoodtree.com (follow signup at top right)
Upon further investigation, it appears that the call to get userInfo after verify does not include the bearer token. When logging in regular user, not verifying new user, everything works fine. Trying to figure out more will return with more info
So because the verify post call succeeds and the issue is in the token to the subsequent get user info call I figured the user would be successfully verified, and I’d be able to login normally. When I run regular auth.login(credentials) I get a successful token request with a token in the response, and a subsequent user info call that fails because no token is included in request. What is weird is that when I use credentials from an older user who I verified a couple weeks ago it works, so I really don’t understand.
I checked the Identity endpoints by going over a signup flow in postman and it seemed to work. When I went through the signup flow in your application, the bit that seemed to break was the user endpoint similar to your observation. I’d check the verification/confirmation step to make sure that you’re passing the token and getting the jwt back, which you can then send to login.
thanks @divya for pitching in, and @carl i super appreciate you working through your problem solving steps here. things like that really do help other folks in the same situation
if you still can’t figure it out, post here again.
I woke up this morning, and suddenly had a new idea of what was wrong, and I figured it out. I am both happy, and angry with myself.
I included a file upload field in the signup. Because the signup form is dynamically generated in Vue I couldn’t get it to work with the Netlify forms lambda functions so I needed all the info from the field included in the signup webhook lambda function, which meant base64 encoding the file, and including it as user metadata. This led to an absurdly enormous JWT which may have been the problem. JWTs are base64 encoded themselves so there was double base64 encoding which also might have been the problem.
Regardless, removing the base64 encoded file from the user metadata fixed my problem, so this was entirely my own fault. If anyone has a good idea of how to capture file data as part of signup I would greatly appreciate it. The better design might be to just separate the file upload from the signup workflow, and make people verify their age after they make an account.
And thanks @divya, your GoTrue with Vue tutorial has been extremely helpful.
The issue being the file upload makes sense and explains why it worked when I hit the endpoints in Postman but not in the app itself! I’m so glad you figured it out and that the tutorial was helpful to you!
Also, the workflow you’re playing around with capturing file data in a signup is probably worth exploring. Though I think separating file upload from signup would work for now. I’ve seen apps like car2go have users manually enter in information from a license and then send in a picture id post signup, which also works. I’ll see if I can take a stab at a better workflow later this week or next!
