Authentication is not working (401 Error Code /Unauthorized)

Options
joel scheuner
joel scheuner Member
in ? Help! I'm a Noob
Hello guys, I'm new to Xano.

I love it so far, but the documentations and tutorials are a bit one-sided, so I have trouble to find answers.

My problem is I don't know how to call the Auth/me endpoint correctly with JavaScript. I tried a lot, but always I get the 401 Code back.

Could someone send a screenshot how they did it?

Already thank you for your help.
Joel
· Share on Twitter

Comments

  • Ray Deck
    Ray Deck Trusted Xano Expert ✭✭✭
    Options
    Hi, the authenticated endpoints need you to add a header called Authorization with the value of Bearer MYTOKEN where MYTOKEN is that very long string you get back from the login process (usually starting with “ey”). From JavaScrript in the browser you can specify headers with the second argument to “fetch”.

    If this isn’t working, feel free to post a screenshot of what you are trying and what result you are getting!
    · Share on Twitter
  • joel scheuner
    joel scheuner Member
    Options
    Yes, i know, i already tried this.

    Here Screenshots of two different applications to try API calls.
    [Screenshot 2022-06-03 003329.png][Screenshot 2022-06-03 003310.png]
    And here the Second one:
    [Screenshot 2022-06-03 003502.png]And yes there are 2 different endpoints, but it doesn't matter because it's the same code behind and they both share the same Authentication.

    Here is the same request with the same token in the test environment:

    [Screenshot 2022-06-03 004220.png]here it is successful

    [Screenshot 2022-06-03 004248.png]
    · Share on Twitter
  • joel scheuner
    joel scheuner Member
    Options
     sorry, my answer is down below :)
    · Share on Twitter
  • Ray Deck
    Ray Deck Trusted Xano Expert ✭✭✭
    Options
     This seems like there's a detail in there that requires someone to look a touch more closely. Xano has free, recorded office hours, and you can schedule to attend from a link in the sidebar on this community site. You might avail yourself of them. I think the next one is on Monday.

    I also offer paid 1-1 sessions and we would probably suss it out quickly, but given your description as a hobbyist, you might prefer the public nature of the office hours over the fee of a private consult. 
    · Share on Twitter
  • Sean Montgomery
    Sean Montgomery Administrator

    ADMIN
    Options
     what you are doing looks correct.

    Auth tokens have an expiration. Are you sure you are using a current one?

    Also are you clicking the copy icon on the run and debug tab instead of manually selecting and copying the token? I've seen users sometimes not copy the token entirely.
    · Share on Twitter
  • joel scheuner
    joel scheuner Member
    Options

    yes i know, i tried all of this, copied with the button, i'm aware of the expire time but 3 min after creating the token i don't think it has expired... And after getting the error code i tried it again in the debug tab and it worked.
    :/
    · Share on Twitter
  • Sean Montgomery
    Sean Montgomery Administrator

    ADMIN
    Options
     it looks like you have 2 user tables with the exact same name. You can definitely do that, but it is going to make things confusing. I would rename the one you don't want and then double check that you are using the right table in both the login api endpoint and the auth/me.

    It sounds like things are getting mixed.
    · Share on Twitter
  • joel scheuner
    joel scheuner Member
    Options

    hey yes, i saw that, but sadly it isn't the cause of this problem :/
    · Share on Twitter
  • Sean Montgomery
    Sean Montgomery Administrator

    ADMIN
    Options
     it would be helpful if you can be as specific as possible.

    Create a test user for debugging
    Let us know the email and password
    Give us the exact endpoint URL you use to login along with the endpoints
    Let us know the result with the token
    Give us the exact endpoint URL you use for auth/me

    I'm pretty sure something is getting mixed up somewhere. This is basic authentication that everyone uses daily.
    · Share on Twitter
  • Sean Montgomery
    Sean Montgomery Administrator

    ADMIN
    Options
     just noticed you are coming to office hours. That will make this a lot easier. Looking forward to meeting you and getting this resolved.
    · Share on Twitter
  • joel scheuner
    joel scheuner Member
    Options
     
    Here the test user:

    --Email--
    "joel@gmx.ch"
    --password--
    "Schwimmen10"
     
    --endpoint URL--
    https://x8ki-letl-twmt.n7.xano.io/api:djBdOegr/auth/checktoken

    --Token--
    eyJhbGciOiJBMjU2S1ciLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIiwiemlwIjoiREVGIn0.N2JCRRhdmKV34X5Dl41dpR2ve9HT3xYjaJKXnUwxubF2EZylUMjxc_9IjjS8ccPMOd-82F5Oh8gCPUHqllDp8PtL5nOfZ9Ex.RXQYwBwL6mZ9KmQnlvUPaA.1Cr2Tfmry7MSgEehlpGzTBni2A7flo8aXnpG3P4hjs00xRM4LqspOBhyGoY_e702bcBeb-GNM12-X3GbWoggfn9dye_9nAWFXlvZEe3nG-k9pKdiRw-V3eidyn4J4DV6FV3B61ozme5XjbmwNI9VefUcJUoBj6ZD7zYh5MfUVM0.3ArX_QpKp4Nh_xwOZpWSNO9vXz1l0tBa2Y5XuQxDfuk

    --Result--
    {"result_1": 
    {"id":7,
    "user_auth_id":"de518650-5b56-491b-8e1a-edf2344e62a1",
    "login_informations":
    {"admin":false,
    "registration_completed":false
    }
    }
    }
    · Share on Twitter
  • Sean Montgomery
    Sean Montgomery Administrator

    ADMIN
    Options
    Thanks that helped. It was what I originally mentioned. You are using the wrong table for authentication on your checktoken endpoint.

    Go to that query, click the tripple dots, and click settings. Change your authentication from user to user_Auth.

    https://mrkr.io/s/629cf7dd4e4e9b11c97e7401/0

    Once you get this working, make sure to change your password.
    · Share on Twitter

Categories