You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In our use of 6.14.1 arangojs, we have something like this snippet below. We notice that over time, eventually our connection starts getting 401 auth errors on all requests, embedded in some nestjs nasty error dump: not authorized to execute this request {"code":401,"errorNum":11,"isArangoError":true ......
This happens at exactly 30 days from the last server reboot. The problem appears to be that the session JWT token expires as it relates to the DB auth. While that is not a lost cause, it is clearly a problem in the app hanging on to the connect and not closing them as they are finished, or not having a way to refresh the token on a sane interval (my preferred approach), or having some fall back logic to restore a connection. I'll go about figuring out the third option. That said, what is the recommended practice with this driver? I am using NestJS and there really aren't any active / strong database provider integrations unfortunately that are active and our own is a variant of a version from some years ago. Is there any possibility that a new driver version handles this behavior differently?
This is a limitation of using db.login at the moment, yes. Please note that if you have the username and password, you can alternatively use db.useBasicAuth instead of using JWT based authentication.
Also note that your code contains a bug: db.login is asynchronous and returns a promise which you need to await. On the other hand db.useBasicAuth is synchronous and merely changes the configuration of the driver. Additionally useDatabase is deprecated. You should pass the database name as part of the configuration (you can also pass the username/password as part of the configuration btw): https://arangodb.github.io/arangojs/devel/types/connection.Config.html
There seems to be a refresh endpoint the frontend also uses. With JWT expiration now being much lower than in older versions of ArangoDB, we should probably support that.
pluma4345
changed the title
JWT auth duration / expiry on db.login(), and token refresh
Implement JWT refresh endpoint
Apr 26, 2023
In our use of 6.14.1 arangojs, we have something like this snippet below. We notice that over time, eventually our connection starts getting 401 auth errors on all requests, embedded in some nestjs nasty error dump: not authorized to execute this request {"code":401,"errorNum":11,"isArangoError":true ......
This happens at exactly 30 days from the last server reboot. The problem appears to be that the session JWT token expires as it relates to the DB auth. While that is not a lost cause, it is clearly a problem in the app hanging on to the connect and not closing them as they are finished, or not having a way to refresh the token on a sane interval (my preferred approach), or having some fall back logic to restore a connection. I'll go about figuring out the third option. That said, what is the recommended practice with this driver? I am using NestJS and there really aren't any active / strong database provider integrations unfortunately that are active and our own is a variant of a version from some years ago. Is there any possibility that a new driver version handles this behavior differently?
Any advice will help.
The text was updated successfully, but these errors were encountered: