Replauth problems with users lacking custom PFP

Problem description:
When using ReplAuth, the HTTP_X_REPLIT_USER_PROFILE_IMAGE header is blank for users who have not set a custom pfp (but their account does have a pfp - an evalbot). This has caused me to need use the GraphQl API in some cases as a fix, which isn’t a big issue, but it’s certainly not ideal.

Expected behavior:
The HTTP_X_REPLIT_USER_PROFILE_IMAGE header should contain the link to the user’s PFP even if it’s the default PFP.

Actual behavior:
The HTTP_X_REPLIT_USER_PROFILE_IMAGE header is blank for users who have not set a custom PFP.

Steps to reproduce:

  • Set up a server with ReplAuth that simply logs the HTTP_X_REPLIT_USER_PROFILE_IMAGE header.
  • Log in as a user with a custom PFP
    • You’ll see the header correctly contains the PFP URL
  • Log in as a user with a default PFP
    • You’ll see the header is blank

Honestly, this behaviour makes sense to me. If a user hasn’t actually uploaded a pfp, there isn’t any pfp to get when the user is authenticated, I do get why you might want the URLs for the default pfps to be used if no pfp is available though.

But they do have a pfp… A modification of the evalbot. I shouldn’t have to write edge cases for replauth it should just always give me the pfp. They do have a pfp.

1 Like

It’s not actually their profile picture though, because they didn’t upload it, it’s Relpit themselves dealing with the edge case lol. Maybe a good idea would be for Replit to publicly host these default pfps somewhere for users to use.

The replauth user pfp should be consistent with the user pfp returned by the GraphQl API. They clearly do have a pfp otherwise it would also be blank using the API

1 Like

It’s probably not blank using the API because they dob’t want the specific pfp to change every time the page is refreshed, but it’s probably also more temporary. It is weird that Repl Auth wouldn’t return the same thing as GraphQL though.

EXACTLY, that’s the whole point. Also what are you talking about pfp changing?

1 Like

Because if they didn’t somewhere store which default pfp they had, it would change every time the page was refreshed because they’d be randomly reassigning it. Each default pfp with a different background colour is a different image.

Oh yeah well of course the PFP is only generated/chosen on sign up. Which is why it doesn’t make sense for the replauth to be blank because they very much do have a pfp

1 Like

two expert coders talking about code. a very goood convo :laughing: