G35x
WWasp
•Created by Gus on 3/28/2025 in #🙋questions
How can I prevent google login to automatically login with the latest chosen account?
@Gus Carlos & Vinny solved it 👆 👆
20 replies
WWasp
•Created by G35x on 3/31/2025 in #🙋questions
TanStack Tables with WASP?
Thanks @Vinny (@Wasp)! I was kinda sorta hoping someone would tell me there's a compatibility issue/talk me out of this.
May the coding gods have mercy on my refactor 🙏 🤣
8 replies
WWasp
•Created by Gus on 3/28/2025 in #🙋questions
How can I prevent google login to automatically login with the latest chosen account?
Yep definitely learned something new! Thanks for correcting me 🙂
20 replies
WWasp
•Created by Gus on 3/28/2025 in #🙋questions
How can I prevent google login to automatically login with the latest chosen account?
Would be cool, as a workaround to solve this UX issue, if a user could authenticate multiple Google accounts to the same user entity for the WASP webapp auth, but this would probably require extensive reworking of how WASP's pre-build Auth works, as well as non trivial changes to the user dashboard, sign in screen, account creation screen. Also have the issue of figuring out how to attribute a new Gaccount w/ an existing user..
would likely need to require a user to register with a phone number + email in the registration screen THEN give them the option to create the account w/ a password OR sign-in with Google.
Then for any subsequent logins, the first step for the user would always be for the user to enter their phone number/email AND then:
-> check for existing Google auth
--> if true and user is signed into the correct account = successful login.
--> if true and user is NOT signed into the correct account = allow them to use their existing Gauth account OR associate a new Gaccount w/ their user, however, you'd then need to send 2fa confirmation link to the original phone number/email prior to new Gaccount association = success, lest anyone could just register auth to an existing account.
One consideration I'd definitely make when designing this process is ensuring account enumeration can't be achieved through any of the dialogue in the login process.
IMO, it's more work than it's worth, but would be super cool!
20 replies
WWasp
•Created by Gus on 3/28/2025 in #🙋questions
How can I prevent google login to automatically login with the latest chosen account?
@Gus I think this is more of a Google Oauth scope than WASP, I could be wrong, but from all of the Google services I use.. the only time I have the chance to choose which account to "sign in" w/ Google auth, is when I'm signed out of my google account / my Google session has expired.
I have this issue all the time when sharing access restricted Google sheets w/ clients who have multiple Gaccounts in their browser.
They complain that they can't access the resources and I have to explain they'll need to make sure they're not signed into any other accounts/if they are, they need to change the browser profile to the Gaccount with access.
I had this exact issue when building a Google Workspace Marketplace plugin in the past too.. while there was no "login" page for the plugin, setting the scope & google Oauth config was very much the same. The plugin sometimes wouldn't work/show up in the Google sheet if the user was signed into more than one google account at a time, depending on what account Google detected as the currently signed in "default" account for Oauth.
Same deal, had to explain to end-users to make sure they've signed out of any other account prior to using the plugin if they're getting 403 issues/the plugin disappears.
If I'm wrong, pls let me know!
20 replies
WWasp
•Created by fred-123 on 3/24/2025 in #🙋questions
Is it possible to create custom user roles with the current wasp auth? Such as non-admin staff
That's what I'm looking for 😄
+1 :boi: from me to support this future plan
I'm brooding over having to figure this out but would love to have "team" admins for my users & role based access within teams.
8 replies
WWasp
•Created by pipas on 3/18/2025 in #🙋questions
Best practices to verify files before uploading to S3?
Hey @pipas , probably good to do some server-side validation depending on your security requirements, like checking the MIME type and throwing an error if 'application/pdf' is not met.
I haven't done this with my own WASP project but you could modify the the s3utils file from the template to do something like this (GPT generated so this won't work as is)
import * as fs from 'fs';
import * as fileType from 'file-type';
// other imports
// existing s3utils code
const allowedMimeTypes = ['application/pdf']; // Specify allowed MIME types
// Function to check the MIME type of the uploaded file
const checkMimeType = async (filePath: string): Promise<boolean> => {
const buffer = fs.readFileSync(filePath); // Read file content into a buffer
const type = await fileType.fromBuffer(buffer); // Detect MIME type based on content
if (!type) { console.log('File type could not be determined'); return false; // Unable to determine MIME type } return allowedMimeTypes.includes(type.mime); // Check if it's an allowed MIME type }; export const getUploadFileSignedURLFromS3 = async ({ fileName, fileType, userId }: S3Upload) => { const tempFilePath =
if (!type) { console.log('File type could not be determined'); return false; // Unable to determine MIME type } return allowedMimeTypes.includes(type.mime); // Check if it's an allowed MIME type }; export const getUploadFileSignedURLFromS3 = async ({ fileName, fileType, userId }: S3Upload) => { const tempFilePath =
/tmp/${fileName}; // Assuming the file is being uploaded to a temporary location
const isValidMimeType = await checkMimeType(tempFilePath);
if (!isValidMimeType) {
throw new Error('Invalid MIME type');
}
// rest of your s3utils code
You could also add some additional integrity checks to read portions of the PDFs and verify it isn't malformed/is structured as a PDF to verify the content matches the MIME type since this could be spoofed.
If you're worried about malicious uploads, you could even use VirusTotal API to programatically scan files before storing them in your S3 bucket, but there could be privacy considerations to account for in doing so.15 replies
WWasp
•Created by G35x on 3/9/2025 in #🙋questions
/app/src/client VS /app/src/server?
Smart adding this to curssorrules. This might solve a big problem I've been having with Cursor since that update a couple weeks ago.. it's been taking some creative liberties and creating files in erroneous locations so this might tighten up the performance
20 replies
WWasp
•Created by G35x on 3/9/2025 in #🙋questions
/app/src/client VS /app/src/server?
@genyus this was actually extremely helpful to see! Thank you for sharing.. Do you use a VS plugin to make a file tree? How'd you generate this?
Sry for late reply, been working on a DSP plugin. Working with raw C++ really makes me appreciate how great/easy to use WASP is 🥹
20 replies
WWasp
•Created by G35x on 3/9/2025 in #🙋questions
/app/src/client VS /app/src/server?
@sodic this is such a goldmine of information for me in my situation. I appreciate you taking the time to understand where I am in my understanding and give me threads to pull on and learn from.
Not only did you give me the "WHAT" in what I was looking for, but the "WHY".
Tree shaking is on my to-do list today to dig into, and I'll need to figure out how to know what not to import into the client code.
The project I'm working on is what some of my developer friends have called "ambitious".. to put it lightly. And it very well may deal with sensitive (but non-regulated) user data so I really want to take my time and understand this fully.
Before I launch I plan to do some solo pentesting before I contract out an audit to a 3p, so if you have any resources or any other "threads" I can pull on related to secure coding practices I'd be very thankful!
20 replies
WWasp
•Created by G35x on 3/9/2025 in #🙋questions
/app/src/client VS /app/src/server?
@genyus Really appreciate the feedback! I've been organizing by feature so far and trying my best not to abstract the codebase too much.
Deciding what is really a standalone feature vs what is a sub-feature (and won't be used in another domain) isn't always easy but I think I'm finally finding a rhythm.
I will typically build out a large feature, then refactor, then finally refine the UI/UX before moving on. Main goals of my refactors are to eliminate redundancy, create common utilities, and generally keeping files under 300 lines (within reason).
The main issue is, I was worried I'm exposing something sensitive within the client that should be part of the server. Thankfully, the WASP team is smarter than I am and thought of that already haha!
from what I've gathered, grouping the operations.ts files inside of the directory for any given feature isn't a cardinal sin and may even lend to easier maintenance in the future.
20 replies
WWasp
•Created by AC on 12/24/2024 in #🙋questions
Really struggling with deploy
Adding my 2 cents here..
I really prefer using GCP for my projects. Not the cheapest/easiest but it has advantages & it’s what I’m used to.
Would love to see more love for GCP users.
There is some documentation that TomD created for this, I can tell he’s experienced and am super appreciative of his contribution.
Speaking candidly, experienced people sometimes aren’t the BEST teachers. One common pitfall, they can assume the audience has implicit information / contextual understandings which they might not.
In other words, and with all due respect, there are some under documented steps, and some info missing.
It could use a facelift!
Was thinking to create a more detailed guide on deploying a wasp project from scratch using 100% google infrastructure but don’t want to step on any toes or take away from Tom’s contribution. Also not sure how in-demand support is for this ecosystem and it would take a few hours to put together.
38 replies
WWasp
•Created by AC on 12/24/2024 in #🙋questions
Really struggling with deploy
Nice!! Congrats on the successful deployment
38 replies
WWasp
•Created by AC on 12/24/2024 in #🙋questions
Really struggling with deploy
No problem! Looking forward to seeing what works to fix this.
One more tip that helped me, if you aren’t already doing so, try to make as detailed as possible notes documenting all of your configurations, commands, strings etc used in your notes app while troubleshooting.
The first week I was trying to deploy I was relying on my memory.
I made way faster progress once I saved my “intellectual property” so I could wipe my environment, try new setups, and systematically test / compare which steps work, why, and how
38 replies
WWasp
•Created by AC on 12/24/2024 in #🙋questions
Really struggling with deploy
What I’m thinking might have happened is while you were testing different environment configurations to diagnose earlier sequential issues in your build / deploy stages, you could have done something to change your config.json and that’s why this new issue is occurring in the final stage
38 replies
WWasp
•Created by AC on 12/24/2024 in #🙋questions
Really struggling with deploy
Going back to the attempt prior to using sudo, Have you tried to verify the contents of your ~/.docker/config.json are correctly configured?
Seeing that you’re running into more environment issues using Sudo makes me think an easier path would be to make the “docker-compose up —build” command work without requiring Sudo.
A quick google search of the error code you got took me to a few different stack overflow threads. I didn’t see anything about using Sudo to resolve the “executable file not found at $PATH”
I did see a lot of people mentioning steps to fix the configuration at ~/.docker/config.json
specifically: “Check your ~/.docker/config.json and replace "credsStore" by "credStore"
And “My config stopped working after I've installed Docker Desktop which apparently added "credsStore": "desktop" to my ~/.docker/config.json.
Removing "credsStore": "desktop" fixed the issue as mentioned by various comments above”
38 replies
WWasp
•Created by AC on 12/24/2024 in #🙋questions
Really struggling with deploy
Hey @AC, I work from a mac M1 pro and had a bunch of unexpected issues deploying.
My stack is
- firebase front end
- Google cloud run server
- Google postrgresql DB
Took me two weeks to successfully deploy. I nearly gave up. Hang in there.
regarding the error:
LegacyKeyValueFormat: "ENV key=value" should be used instead of legacy "ENV key value" format (line 50)
I'm not certain this will be a non-issue for heroku, but this was a total non-issue for me at any point in my build or deploy. I get that warning every time I docker build and it hasn't caused any issues.
You're definitely headed in the right direction using:
docker buildx build --platform linux/amd64 -t <app-name> .
docker tag <app-name> registry.heroku.com/<app-name>/web
docker push registry.heroku.com/<app-name>/web
Do you get any other errors during the docker build stage?
Are you able to share the complete sequence of commands you're using & what directory you're in when running those commands during the build & push?
38 replies
WWasp
•Created by Kynetix on 10/18/2024 in #🙋questions
PayloadTooLargeError
Just wanted to let you guys know this fixed an issue for me & wanted to thank you both! you too kapa 😉
1) created a serverSetup.ts
import express from 'express';
import bodyParser from 'body-parser';
export const serverSetup = () => {
const app = express();
app.use(express.json({ limit: '50mb' }));
app.use(express.urlencoded({ limit: '50mb', extended: true }));
}
export const serverMiddlewareFn = (middlewareConfig: any) => {
middlewareConfig.set('express.json', bodyParser.json({ limit: '50mb' }));
return middlewareConfig;
}
2) added to my main.wasp:
server: {
middlewareConfigFn: import { serverMiddlewareFn } from "@src/server/serverSetup.js"
},
and no more PayloadTooLargeError
28 replies
WWasp
•Created by tomas.morales on 6/11/2024 in #🙋questions
manual deploy gcp
Access to XMLHttpRequest at 'https://backend-xxxxxxx.us-central1.run.app/operations/get-tables' from origin 'https://xxxxxx-xxxx.web.app' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
53 replies
WWasp
•Created by tomas.morales on 6/11/2024 in #🙋questions
manual deploy gcp
No it wasn't a wasp issue, you're absolutely right. It was a few different issues related to docker build args & how my environment variables were being set, and the database issue I had was being caused by a VPC connector in GCP. Good news is, I finally was able to get the server deployed.
Going to add more info than necessary in case it helps someone in the future.
Regarding the docker build, I was using:
docker build --no-cache --platform linux/amd64 -t backend-image .
and I kept getting the following error:
Dockerfile:40
--------------------
38 | RUN npm install && cd .wasp/build/server && npm install
39 | COPY db/schema.prisma .wasp/build/db/
40 | >>> RUN cd .wasp/build/server && npx prisma generate --schema='../db/schema.prisma'
41 | # Building the server should come after Prisma generation.
42 | RUN cd .wasp/build/server && npm run bundle
--------------------
ERROR: failed to solve: process "/bin/sh -c cd .wasp/build/server && npx prisma generate --schema='../db/schema.prisma'" did not complete successfully: exit code: 1
I tried many different configurations of deployment methods and spent a couple of days tinkering with Gcloud builds submit to try to eliminate my environment from the docker build process to no avail.
In the end I had to use this command locally:
PRISMA_CLI_BINARY_TARGETS=linux-musl \
PRISMA_CLIENT_ENGINE_TYPE=library \
docker build --no-cache --platform linux/amd64 \
--build-arg PRISMA_CLI_BINARY_TARGETS=linux-musl \
--build-arg PRISMA_CLIENT_ENGINE_TYPE=library \
--build-arg NODE_ENV=production \
-t backend-image .
Then eliminated the Google VPC connector since it wasn't playing nice with my RDS DB despite whitelisting the Google IPs.
And finally I stopped using Google secret manager for my env variables.. and success!
Bad news is.
Now I'm getting some CORS issues, I think it might be a configuration issue. Wondering if you have any insights you can provide on how to fix this?
53 replies