Getting "No auth provider found matching the given token" with Convex Password Auth
I'm running basic Svelte Kit + Convex Dev locally, I have configured environment variables in my convex dev deployment and I'm even getting what seems to be a valid JWT token out of signIn action
Since I'm not using Next and Svelte doesn't have a more automatic token store/retrieve/refresh mechanism yet, I set up the fetchTokens function as instructed in the site (and even though it isn't as automatic, it still seems pretty straightforward to configure, props for gud API design);
However, with all that when the API calls it's Authenticate passing the token I got from login, I get a "No auth provider found matching the given token" error and then the websocket literally dies and stops retrying and the refresh token api call never resolves or rejects
Anyone have any light to shed?
24 Replies
For added context, I'm running the Convex Backend on Docker; If I remove these lines and let npx convex dev spin up it's own standalone server, then it works for the most part, except when renewing tokens that have expired (the signIn action for renewing never resolves or rejects and the ws connection dies)
what does ur signin action function look like?
It's imported from Convex Auth
you need to specify the provider with the actions
react has helper functions
yes it works for logging in, it gives me a JWT token and it seems valid, but then when it fails to authenticate the token it generated
thats weird
this behavior occurs when using self-hosted on Docker
lemme check on my codebase, i need to see the types
ye am also on self hosted docker
the Authentication in the deployment seems right, the issuer looks right too
bro u need to send the provider
set provider to
"password"
the provider is being sent, the login is being made, but it fails to authenticate the token it generated
hmm
I found the code that throws this error message, it should pass
ig wait for a dev to respond, convex auth has always been a bit iffy w/password flow, i recommend either using clerk or better auth, convex team is working on an official better auth integration current one is either maintained by better auth / community idk
Can you parse a token (jwt.io has a parser) and share the values of
aud and iss, as well as your convex/auth.config.tsI did this in the first post, when I`m using Docker I get this weird situation where the backend generates a token and immediately after it just rejects the same token itself created
From the backend code it seems to only be checking issuer and audience as plain string, those match with the values I`m seeing in the Authentication tab in the dashboard, I think it should have matched alright there
it does make new auth sessions in the data
I believe the issuer has to be https or it'll be rejected
I haven't had luck with a localhost issuer
But I don't know that localhost was the issue. If you're self hosting, just get it running on https and try that.
i see, it truly is that
idk how to run this in debug, but I think it would be comparing https://http://127.0.0.1:3211 versus just http://127.0.0.1:3211
I have what I need to solve this, tyvm
