Authentication crashing
I had authentication working, and introduced some bad data in my DB and it is now crashing. The data is in a table, not the user table, so I am not sure why it is blowing up when associating a user with a subject. It looks like Ash.Authentication is keeping in the mix after authentication has completed but the view has not yet rendered and is eating the error. Still investigating on my end of course.
[info] GET /admin/companies
[debug] Processing with TacitRedOTPWeb.CompanyLive.Index.index/2
Parameters: %{}
Pipelines: [:browser]
[info] Sent 500 in 2ms
[debug] Converted error :function_clause to 500 response
[error] #PID<0.1561.0> running Phoenix.Endpoint.SyncCodeReloadPlug (connection #PID<0.1159.0>, stream id 7) terminated
Server: localhost:4000 (http)
Request: GET /admin/companies
(exit) an exception was raised:
(FunctionClauseError) no function clause matching in AshAuthentication.subject_to_user/3
(ash_authentication 3.11.1) lib/ash_authentication.ex:208: AshAuthentication.subject_to_user(#TacitRedOTP.Auth.User<account: #Ash.NotLoaded<:relationship>, meta: #Ecto.Schema.Metadata<:loaded, "users">, id: "bd78bc20-1193-49e7-9cc0-e94fc010bea0", inserted_at: ~U[2023-05-19 15:04:51.743133Z], updated_at: ~U[2023-05-19 15:04:51.743133Z], email: #Ash.CiString<"[email protected]">, active: true, lock_version: 1, account_id: "d7d6ee62-4422-4668-8fbe-c80a880b26cf", aggregates: %{}, calculations: %{}, order: nil, ...>, TacitRedOTP.Auth.User, [tenant: nil])
(ash_authentication_phoenix 1.7.2) lib/ash_authentication_phoenix/live_session.ex:100: anonymous fn/4 in AshAuthentication.Phoenix.LiveSession.on_mount/4
(stdlib 4.3) maps.erl:411: :maps.fold_1/3
(ash_authentication_phoenix 1.7.2) lib/ash_authentication_phoenix/live_session.ex:97:
11 Replies
@jart
When I comment out the authentication live session like so it works
ash_authentication_live_session :authentication_required, # on_mount: {TacitRedOTPWeb.LiveUserAuth, :live_user_required} do scope "/admin" do live "/", AdminLive
But, it never reaches the on_mount method before the error is thrown.
error pointing to AshAuthentication.subject_to_user
did you check the subject_to_user in your project?
This is that line:
It's the CiString that is causing the problem
but it also looks a bit strange
Yeah, I think we will need some input from James on this one (not pinging him twice on the same discord issue)
What looks strange is that the function being called pretty clearly expects the subject to be a URI
Something like user?id=""
I think perhaps one of your plugs is setting the session to an incorrect value somehow?
So it's looking in the session for something like current_user
So I think what you need to look for is a plug or other on mount hook that is altering your session incorrectly. Or perhaps something you're doing in your auth controller
@Zach Daniel From the code above it looks like AshAuthentication is assuming the only thing in a session is subjects? That is not a valid assumption. In my case "user" holds a user resource instance. Probably a bad practice, but what the code currently does. So the first line of the with will return the "user" resource type and it is then trying to pass that to the subject_to_user. But the session value is "current_user" so not sure why "user" is also passing the first line other than it is just a case never tested.
@jart ^
Or, it is just using "user" and not documenting the session keys that it reserves. I will see what I can do to rework things, but that is pretty pervasive in my code.
Looks like it is just the live_session so I may just not use that and do the auth checks in each live view.
You can also hand-write your own live_session to avoid copying things to each liveview
I ended up removing my use of "user" as a session value since that is really not good security practice. Recovering from that now.
Thanks for the help.