CD
Cloudflare Developers2mo ago
AGill

Hey peeps I'm encountering some

Hey peeps I'm encountering some mysterious behaviour. My Pages Function is throwing intermittent 401 errors. I traced the code back to some packages I'm using: @propelauth/cloudflare-worker which calls jose. Debugging that shouldn't be a problem. The issue is that the 401 request that I receive in my browser is not reflected in the Real Time Logs stream. It's mysterious because it's only ever this intermittent error that does not show up. Every other request I make I can see in the logs stream. I even deployed changes with dummy errors and they show up as expected. It's also odd that a global try catch does not work around the auth code. There shouldn't be a code path for a 401 if I wrap my auth logic in a try/catch and throw a 418 for example. App is a Nuxt 3.15.4 app on Cloudflare Pages. Appreciate any help.
1 Reply
AGill
AGillOP2mo ago
Here is my Nitro middleware that handles auth: 
import type { EventHandler, EventHandlerRequest } from 'h3';

export const defineProtectedEventHandler = <T extends EventHandlerRequest, D>(
  handler: EventHandler<T, D>,
): EventHandler<T, D> =>
  defineEventHandler<T>(async (event) => {
    console.info('Initializing auth client, authenticating request...');

    const propelAuth = usePropelAuth(event);

    // throws 401
    const userClass = await propelAuth.validateAuthHeaderAndGetUserClass(
      getRequestHeader(event, 'Authorization') || '',
    );

    event.context.auth = {
      user: userClass,
    };

    console.info('Authorized user');

    return handler(event);
  });
import type { EventHandler, EventHandlerRequest } from 'h3';

export const defineProtectedEventHandler = <T extends EventHandlerRequest, D>(
  handler: EventHandler<T, D>,
): EventHandler<T, D> =>
  defineEventHandler<T>(async (event) => {
    console.info('Initializing auth client, authenticating request...');

    const propelAuth = usePropelAuth(event);

    // throws 401
    const userClass = await propelAuth.validateAuthHeaderAndGetUserClass(
      getRequestHeader(event, 'Authorization') || '',
    );

    event.context.auth = {
      user: userClass,
    };

    console.info('Authorized user');

    return handler(event);
  });

Did you find this page helpful?