AWS Amplify API with GraphQL access rules defined but not working

AWS Amplify API with GraphQL access rules defined but not working


0

I’m using AWS Amplify API with GraphQL in my Flutter app and I have defined a GraphQL schema with the following access rules:

  • Any user, authenticated or not, can read all UserProfiles.
  • Only the owner can create, read, update, and delete their own UserProfile.

I am authenticating users with amplify_auth_cognito using Email.

This is the schema

type UserProfile @model @auth(rules: [
   { allow: public, operations: [read]}, 
   { allow: owner } ]) {
  content: String
}

Currently

Authenticated user can create the user profile but they can only read the one that they have created themselves

Authenticated users can’t read any other user profile created by another user

When Unauthenticated users try to read the data I get the following message in visual studio,

Query failed: UnknownException {
  "message": "unable to send GraphQLRequest to client.",
   "underlyingException": "SignedOutException {n  "message": "No user is currently signed in"n}"
 }

This how i create a UserProfile and it is saving in the backend,

Future<void> createUserProfile() async {
  try {
    final user = UserProfile(content: nameController.text);
    final request = ModelMutations.create(user);
    final response = await Amplify.API.mutate(request: request).response;

    final createdUserProfile = response.data;
    if (createdUserProfile == null) {
      safePrint('errors: ${response.errors}');
      return;
    }
    safePrint('Mutation result: ${createdUserProfile.content}');
  } on ApiException catch (e) {
    safePrint('Mutation failed: $e');
  }
}

this is how i read a UserProfile,

Future<List<UserProfile?>> queryUserProfile() async {
  try {
    final request = ModelQueries.list(UserProfile.classType);
    final response = await Amplify.API.query(request: request).response;

    final userProfiles = response.data?.items;
    if (userProfiles == null) {
      safePrint('errors: ${response.errors}');
      return const [];
    }
    print(userProfiles);
    return userProfiles;
  } on ApiException catch (e) {
    safePrint('Query failed: $e');
    return const [];
  }
}

I know when trying to read as an Unauthenticated user the error that is printed out is something to do with SignedOutException
but i thought that public rule i set means i don’t need to be signed in as a user

I’m a very new at AWS Amplify and Flutter any help would be appreciated

Share

2

  • Do unauthenticated users have an IAM role available?

    – Luke

    May 23 at 17:35

  • When i was setting the project up in VS code when going through amplify add API i added Cognito users pools then IAM role when doing the set up in terminal but not sure if i need to do something else thanks in advance

    – farooq

    May 25 at 13:24

1 Answer
1

Reset to default


0

the exception you have is because of an unauthenticated session, the possibility is you may select IAM or Cognito_user_POOl as auth mode and that expired after some time depending upon your pool settings and that’s why you are getting this exception on your GRAPHQL queries.

Share



Not the answer you're looking for? Browse other questions tagged

or ask your own question.

Leave a Reply

Your email address will not be published. Required fields are marked *