# [SOLVED] SSR examples (svelte) extended with DB access fails


long light
#

So I followed the tutorial here https://appwrite.io/docs/tutorials/sveltekit-ssr-auth/step-1 with my self-hosted instance on v1.5.3. Login works nicely.
However, if I then try to use the logged-in user to read docs from a collection I get an error:

```
{
  code: 401,
  type: 'general_unauthorized_scope',
  response: {
    message: '[email protected] (role: users) missing scope (collections.read)',
    code: 401,
    type: 'general_unauthorized_scope',
    version: '1.5.3'
  }
}
```
I am using the user session client as created in the example here https://github.com/appwrite/demos-for-svelte/blob/74be81a18142be31f7a818f2e58693b2682909ff/server-side-rendering/src/lib/server/appwrite.ts#L18 to call the `db.listDocuments`.
I explicitly made sure the collection is set to allow CRUD for `Any` and `Role: Users`. Still I get the error. Is this a bug or am I not supposed to use `node-appwrite` on server-side with a user session client?



glass bay
#

Heyy 👋 Looking at the error, it sees role users, so I am confident that user authorization is working fine.
I think collections.read is a server scope. I think the request is trying to give you schema details about the collection 🤔

#

It might also be trying to list all collections in a database.
Can you try to console.log() all values you are sending into listDocuments and ensure everything is as expected? I am a bit worried something will be null, undefined, or an empty string.

long light
#
```
const assetClasses = await db.listDocuments(APPWRITE_DB_ID, collection.$id, [
    Query.offset(offset),
    Query.limit(pageSize)
]);
```
#

that's the call I'm doing basically, will log all input to these functions. give me like 5 min

long light
#
```
console.log('Fetching asset classes');
console.log('Offset:', offset);
console.log('Page:', page);
console.log('Page Size:', pageSize);
console.log('DB ID:', APPWRITE_DB_ID);
const collection = await db.getCollection(APPWRITE_DB_ID, 'assetClasses');
const assetClasses = await db.listDocuments(APPWRITE_DB_ID, collection.$id, [
    Query.offset(offset),
    Query.limit(pageSize)
]);
return assetClasses;
```
glass bay
#

Ooooh I see now. db.getCollection cannot be called as a user. To do that, you will have to use an API key authorized client.

long light
#

result

```
Fetching asset classes
Offset: 0
Page: 1
Page Size: 25
DB ID: fact
AppwriteException [Error]: [email protected] (role: users) missing scope (collections.read)
    at Client.call (/Users/xxx/node_modules/.pnpm/[email protected]/node_modules/node-appwrite/lib/client.js:206:15)
    at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
    at async Databases.getCollection (/Users/xxx/node_modules/.pnpm/[email protected]/node_modules/node-appwrite/lib/services/databases.js:284:16)
    at async load (/Users/xxx/src/routes/assetclasses/[[page=integer]]/+page.server.ts:18:24)
    at async Module.load_server_data (/Users/xxx/node_modules/.pnpm/@[email protected]_@[email protected][email protected][email protected]/node_modules/@sveltejs/kit/src/runtime/server/page/load_data.js:61:17)
    at async eval (/Users/xxx/node_modules/.pnpm/@[email protected]_@[email protected][email protected][email protected]/node_modules/@sveltejs/kit/src/runtime/server/page/index.js:140:13) {
  code: 401,
  type: 'general_unauthorized_scope',
  response: {
    message: '[email protected] (role: users) missing scope (collections.read)',
    code: 401,
    type: 'general_unauthorized_scope',
    version: '1.5.3'
  }
}
```
#

ah okay! so hardcode the id

long light
#

yeah I wanted to make that configurable, which is why I went with the extra call in the first place

glass bay
#

Doing getCollection() is similar to doing DESC table in SQL - it shows potentially sensitive data to your data schema and permissions. That's why it's not allowed to users.

long light
#

makes sense 🙂

#

and suddenly it works 🙂

glass bay
#

🎉🎉🎉

long light
#

but the general idea of abstracting appwrite away with SSR calls is valid, right?
