-
Notifications
You must be signed in to change notification settings - Fork 40
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat(PasswordAuthentication): Registration and authentication with local credentials #4
Conversation
This is 🔥 🔥 🔥 |
cecc56f
to
b923ff5
Compare
name: :authentication, | ||
describe: "Configure authentication for this resource", | ||
schema: [ | ||
subject_name: [ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is subject_name
really generic to all authentication? i.e some tokens might not use "subjects". I guess some kind of identifier
is though.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeah, I couldn't think of a more generic term for the concept. Happy to take suggestions :)
b923ff5
to
581f9ef
Compare
@@ -27,6 +27,8 @@ defmodule AshAuthentication.Plug do | |||
|> Keyword.fetch!(:otp_app) | |||
|> Macro.expand_literal(__ENV__) | |||
|
|||
AshAuthentication.Validations.validate_unique_subject_names(otp_app) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Unfortunately, doing this at compile time is a harder task than it would seem. This won't necessarily get all resources because of the registry/api split. The split between registries and APIs was necessary in order to prevent massive compile time blockages/deadlocks, but it also makes validations based on enumerating resources like this, sadly undeterministic. Partial recompiles can result in this module not recompiling and therefore it can be out of date. Other things solve for this by requiring the registry be explicitly stated, and using Registry.Info.entries/1
: https://github.com/ash-project/ash_graphql/blob/main/documentation/tutorials/getting-started-with-graphql.md#add-ashgraphql-to-your-schema
Also happy to see some experimentation here around using things like Api.Info.registry(api) |> Code.ensure_compiled!()
or Api.Info.registry(api).spark_dsl_config()
to see if that causes the proper compile time dependency (from this module to the registry of all configured api module). If that works then I'd prefer to take that approach elsewhere also.
f8a14ce
to
52fcf7d
Compare
This is missing a bunch of features that you probably want to use (eg confirmation, password resets), but it's a pretty good place to put a stake in the sand and say it works.
Co-authored-by: Mike Buhot <[email protected]>
…same type as the attribute.
This should help when we're passed the session as just a map, for example in LiveView.
if there is one.
…attributes through.
a4e7f73
to
6ac1c6a
Compare
6ac1c6a
to
f50ccd5
Compare
This is missing a bunch of features that you probably want to use (eg confirmation, password resets), but it's a pretty good place to put a stake in the sand and say it works.