Issues with Slash

Had a few issues:

When I got an invite, it asked me to reset my password, but then logged me into another account (which I reckon I might have logged in before). I had to log-out and log back in, to get into my new account.

Dashboard does not show who you are logged in as. So, the above point becomes worse.

My 1Password doesn’t want to fill in my password on the login page for some weird reason.

I can’t login using Google, Twitter or GitHub.

Login happens via login.dgraph.io, but you log into slash.dgraph.io. Seems weird. Any way to keep it to slash subdomain? [Tejas: Can’t fix this one]

Above is even more weird, because the password reset happens on slash.dgraph.io. So, 1Password stores that as the link, instead of storing login.dgraph.io as the link. [Tejas: We now show you a link to the dashboard. This only happens if you’ve been invited]

Can’t Slash persist the API key, so a user does not need to set it, just to interact with their schema after having logged in already. (If they didn’t log in, then the API key makes sense. But, they are already logged in, so why not just let the user interact with the schema)

I like the words in the name, so it’s easier to remember: https://beneficial-baseball-9463.us-west-2.aws.cloud.dgraph.io/graphql, but does it need to have these things: numbers, us-west-2, aws, cloud and so on? If you want to differentiate between us-west-2.aws.cloud and such, just give it a subdomain within dgraph.io (like ‘wildwest.dgraph.io’). [Tejas: we’ve removed the numbers]

1 Like

I agree with this point, I thought that was a strange user experience. I understand it is like a second layer of authentication to keep your schema super secure, but I think one layer of security should be enough.

6 one way half a dozen the other. I plan on taking whatever my slash url is and writing my own dns cname for it anyways.

This actually wouldn’t be possible, as you wouldn’t be able to install a custom SSL certificate on Slash, which means that https wouldn’t work correctly. You could implement a simple reverse proxy at your domain that forwards requests, and get this to work.

If you are very keen on this feature, please request it in a new post with the feature tag. We do have this on our backlog, but it’s not been prioritised for this year at least.

Hmm, I will have to go back when we get to this point and see how we did it before pointing to a different https endpoint with a dns record.

Thanks for the feedback @mrjn.

  • We’ll look at some of these auth/1 password issuses that you’ve filed.

  • We will be enabling some social login providers soon

  • I’ll take the API key flow back to the team. Given that you are on the UI, it actually makes sense to get rid of it.

  • We’ll also add a gravatar or something so that you know you are logged in

The history selector in Slash is also a bit wonky. I can’t put my finger on it, but it requires a bunch of clicks sometimes. Or, you have to empty out your query or something.

We no longer need you to remember API keys if you are using Slash from the UI. Release notes here: Slash GraphQL Release July 21 2020

2 Likes

Any Updates?

  • We should rolling out profile pic (so you know who you are logged in as) sometime this week
  • I haven’t been able to reproduce your 1password bug, it always saves the password for me. One thing I did notice is that the email is not saved in the 1password chain, we’ll fix that. I’m wondering if your 1password bug is caused somehow by the fact you are logged in already.

This has been fixed: Slash GraphQL Release August 19 2020