#User (role: guests) missing scope (account)

Console Message ( When trying anonymous after google) : This leads me to believe I'm logged in

Uncaught (in promise) AppwriteException: Cannot create an anonymous user when logged in

Qwik message when trying to get account:

AppwriteException: User (role: guests) missing scope (account)
    at Client.<anonymous> (file:///opt/Contrabot/Dashboard/node_modules/appwrite/dist/esm/sdk.js:391:27)
    at Generator.next (<anonymous>)
    at fulfilled (file:///opt/Contrabot/Dashboard/node_modules/appwrite/dist/esm/sdk.js:22:58)
    at process.processTicksAndRejections (node:internal/process/task_queues:95:5) {
  code: 401,
  type: 'general_unauthorized_scope',
  response: {
    message: 'User (role: guests) missing scope (account)',
    code: 401,
    type: 'general_unauthorized_scope',
    version: '1.3.7'
  }
}

How I'm trying to check if I'm logged in:

isLoggedIn: async () => {
        return account.get().then((response) => {
            return true;
        }).catch((error) => {
            console.log(error)
            return false;
        });
    },

Setup-
webapp: app.domain.com
appwrite: appwrite.domain.com

Reverse Proxying via nginx with host header set.

Edit: I'm using qwik via npm run and appwrite env is set to development

What is the response for account.get

Also if possible could you check without nginx to see if its appwrite or nginx?

No response for account.get, it's just throwing an error.

I can't to be honest, I plan on deploying my web app and appwrite on the same server with nginx in front, I can't even test with nginx disabled.

Anyway this is a appwrite error, something to with domains? or ssr?

Are you using SSR?

I couldn't paste the typescript code, so here's the txt file for anyone who can help

But are you using server side rendering or similar?

Yes, possibly

Why would that hurt?

AppwriteException: User (role: guests) missing scope (account)
at Client.<anonymous> (file:///opt/Contrabot/Dashboard/node_modules/appwrite/dist/esm/sdk.js:391:27)
at Generator.next (<anonymous>)
at fulfilled (file:///opt/Contrabot/Dashboard/node_modules/appwrite/dist/esm/sdk.js:22:58)
at process.processTicksAndRejections (node:internal/process/task_queues:95:5) {
code: 401,
type: 'general_unauthorized_scope',
response: {
message: 'User (role: guests) missing scope (account)',
code: 401,
type: 'general_unauthorized_scope',
version: '0.10.45'
}
}

npm run is printing out this error rapidly

It's being executed in server instead client sided, so sesion is run in the sever

I did some research, I'm kind of sure that is not the case, the code for that is different

Someone with qwik experience would be a lot more sure, but with this mix mash or new technologies I'm not sure where to start debugging

So apparently, yes, you're using server side rendering

Do you know if qwik has an option to disable SSR for one specific page?

Just an a general rule, I would recommend using local versions with different port numbers for development. You would need to share a single instance of Appwrite SDK client so this should only require changing the endpoint in a single place. But this is just a personal opinion.

to have proper cookie setup, you should have appwrite at appwrite.app.domain.com if your app is on app.domain.com

SSR makes things super complicated because you have to handle sessions client side AND server side

make where's the rest of the code for checking if you're logged in (where does account come from)?

https://github.com/Meldiron/appwrite-ssr-qwik
I have found this existing project that is trying to do the same thing, but I don't understand why they're trying to login with an api call instead of using the appwrite sdk

Because that needs to be performed client sided in order to store a session cookie

Another approach with the SDK is create a JWT token with the SDK, sending it to your server and using the JWT there to Auth the user server sided

That sounds very annoying for some reason, why doesn't it work more naturally? All projects I find pretty much use anonymous login which can be done on server side, or dont use the appwrite sdk on the server side conveniently. Do you have an example of how I can implement that?

We have plans to improve how we handle SSR.

You've already found the best example for how to handle SSR.

Well that only really works for anonymous login, what can I do to login with oauth?

It doesn't works naturally because you're rendering or in other words building the interface and data server sided instead of client sided

How can I have qwik client send the cookie to qwik server? Hope you understand what I mean 🙂

Easiest way is performing that client sided, by rendering things client side

But server can't make api calls then without access to user object right?

You don't call to the appwrite instance from server

Instead, from your client (users phone)

But then what's the point of SSR?

You mean benefits?

Yes

I could say, mainly SEO

And faster load for static data

But if you're building a website or app who has dynamic data, probably nothing of both things mentioned will matter

In the opposite case, as said, you will need to perform Auth client sided and then send the JWT to the server

Fair enough, however. How does something like auth.js do this? They somehow work both client and server side natively for qwik. Maybe that can help appwrite optimize for ssr at some point

Sincerely, not sure how auth.js works, but probably the same way as if you perform authentication client sided and then you send the JWT to server side, but handling all of that automatically

Thanks for that, not sure where to go from here since my application can't scale with limitations so might go for something custom. But I will definitely use Appwrite for something more smaller. Sorry for the trouble, lastly what framework does Appwrite support best? Where almost everything works out of the box?

Scaling doesn't has anything to do with what I have meant

You can scale with appwrite independently of the method used to render the website, as said, it has nothing to do with scaling

Sorry, by scale I mean work with increase in complexity. Lesser the parts I build the better it is

I think the only more complex part will be Auth