Get started
We are having lots of fun on Discord. Come and join us!
Star on GitHub 45.1K Get started
Back

User (role: guests) missing scope (account) after creating OAuth2 session with Discord

  • 0
  • Self Hosted
  • Auth
  • Web
View on Discord
lurxylux
10 Jun, 2024, 07:24

Hi all, I was looking through the support page for my specific issue but I was unable to find anything that I could adapt for my issue.

I rebuilt my Authentication in the last days after realizing that OAuth Authentication with SSR does not create a providerAccessToken right now. So I now try to create a session with account.createOAuth2Session instead using the Client SDK. Unfortunately, I seem to always get the Error 'User (role: guests) missing scope (account)' although I can see a session for my user in my selfhosted Appwrite as well as a cookie with my project name for my Appwrite Domain.

First off my function for calling createOAuth2Session

TypeScript
"use server"

export async function signUpWithDiscord() {
 
const client = new Client()
.setEndpoint(process.env.NEXT_PUBLIC_APPWRITE_ENDPOINT)
.setProject(process.env.NEXT_PUBLIC_APPWRITE_PROJECT);
 
const account = new Account(client);
 
const origin = headers().get("origin");
 
const redirectUrl = await account.createOAuth2Session(
OAuthProvider.Discord,
`${origin}/auth/oauth2/success`,
`${origin}/auth/oauth2/failure`,
//scopes
);
 
return redirect(redirectUrl);
};```
 
After Authentication with Discord, I am redirected to /auth/oauth2/session where I execute the following code:

export async function GET(request) { const key = request.nextUrl.searchParams.get("key"); const secret = request.nextUrl.searchParams.get("secret"); const origin = headers().get("host"); cookies().set(key, secret, { domain: origin, path: "/", httpOnly: true, sameSite: "strict", maxAge: 60 * 60 * 24 * 7, secure: true, }); // make the session persistent as a cookie

const client = new Client() .setEndpoint(process.env.NEXT_PUBLIC_APPWRITE_ENDPOINT) .setProject(process.env.NEXT_PUBLIC_APPWRITE_PROJECT);

const account = new Account(client); const currsession = await account.getSession('current'); // Here the error occurs

return NextResponse.redirect(${baseURL + "/"}); }

TypeScript


Thanks in advance!
TL;DR
Developers created an OAuth2 session with Discord but are receiving an error 'User (role: guests) missing scope (account)' when trying to access the User or Session in the code. The issue might stem from a misunderstanding in the process. Potential Solution: Ensure that the necessary scopes are set correctly during the creation of the OAuth2 session. Double-check the authentication flow with Discord and verify that scopes are properly configured for account access.
lurxylux
10 Jun, 2024, 07:25

I needed to put some info into a response:

Here are some metrics regarding my stack: Appwrite self-hosted 1.5.7 Appwrite SDK 15.0.0 NextJS 14.2.3 3rd party cookies are allowed in the browser I use for testing

My user is created/updated correctly and also gets a session in Appwrite Web Console (see appended Image)

In Addition, I can see that the user accont is linked with Discord properly (see appended Image) and in my Appwrite domain, I have cookies with the name a_session_[PROJECT_ID] and a_session_[PROJECT_ID]_legacy.

But when I try to access the User or the Session in the code, I always get the error as if my user is not authenticated.

Can anyone help me or point me in the correct direction? I am quite sure that I misunderstood something in the process and that is where the error is stemming from but I can't seem to find the specific step I do wrong.

Thanks in advance for the help!

Reply

Reply to this thread by joining our Discord

Reply on Discord

Recommended threads

Need support?

Join our Discord

Get community support by joining our Discord server.

Join Discord

Get premium support

Join Appwrite Pro and get email support from our team.

Learn more