Assigning to security context in check_auth doesn't work in Python
Describe the bug
Apparently, assigning to security context works in check_auth in JavaScript but doesn't work in Python.
To Reproduce
Run the following cube.py snippet:
from cube import config
@config('query_rewrite')
def query_rewrite(query: dict, ctx: dict) -> dict:
print("Query rewrite started")
print(ctx)
print("Query rewrite finished")
return query
@config('check_auth')
def check_auth(ctx: dict, token: str) -> None:
ctx['securityContext'] = {
"sub": "1234567890",
"iat": 1516239022,
"user_id": 42
}
context = ctx['securityContext']
print(context)
if not context:
raise Exception('Access denied')
return ctx
Result:
Expected behavior
Assigning to security context works in Python, 42 is printed as user_id inside the security context.
Version: 0.35.10
Additional context We can fix this in a backwards-compatible way as follows:
- Similarly to
check_sql_auth, support returning security context fromcheck_authboth in JavaScript and Python. - If nothing is returned, fall back to the current behavior.
Hey @ovr @igorlukanin Has there been any work on this issue yet? Are there any workarounds?
Are there any updates on this bug?
There's no ETA that I can share as of now. I recommend switching your cube.py to cube.js syntax as a workaround; you'll be able to convert it to Python when this issue is resolved.
@jcarlos92 @sabinevidal FYI, we have fixed this one in the linked PR and this is going to land in the next release. Please stay tuned!
I've just tested this with Cube v0.36.2 and it works as expected. Closing as resolved then.