Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Move out everything from readonly runtimeConfig and allow hooks for user modification #300

Closed
huang-julien opened this issue Nov 20, 2023 · 4 comments · Fixed by #429
Closed

Move out everything from readonly runtimeConfig and allow hooks for user modification #300

huang-julien opened this issue Nov 20, 2023 · 4 comments · Fixed by #429
Labels
enhancement New feature or request

Comments

@huang-julien
Copy link
Contributor

Is your feature request related to a problem? Please describe.

This is more like a RFC than a feature request

related to #231 #233 #298 #258

Describe the solution you'd like

#298 is introducing a new option called runtimeHooks. This would let users the ability to change their configuration at runtime with nuxt-security:... hooks.

The idea is to take out the runtime configuration from runtimeConfig which is currently readonly and having a writable object (or cache) to set the runtime configuration.

This will be send to event.context.security and all middlewares of nuxt-security will find their configuration in this object to know what they should do.

Now why doing this ?

A lot of our users are company users, some of them are storing their configuration in remote services such as Azure AppConfig, keyvaults....
So this would allow users to retrieve their configuration at server startup, probably cache it, refreshing it with an interval without having to actually re-deploy their server.

What would it look like ?

I think using nitro hooks would definitively give a maximum of DX to the user.

the current signature of nuxt-security:headers is (e: 'nuxt-security:headers', route: string, config: SecurityHeaders) => void

and we could probably add more hooks that looks like nuxt-security:headers to change other configuration.

Describe alternatives you've considered

Additional context
@huang-julien huang-julien added the enhancement New feature or request label Nov 20, 2023
@Baroshem
Copy link
Owner

Baroshem commented Dec 5, 2023

Very interesting feature idea!

I myself am using Google Secret Manager for configuration but it is more for variables like API keys.

However, I think that this feature should be rather an option in the config that could be enabled and then the configuration could be loaded from the hook rather than changing it completely for everyone IMO as it could lead to potential breaking changes or regressions (I may be wrong here so please correct me).

@Baroshem
Copy link
Owner

@huang-julien what do you think about my comment above? :)

@huang-julien
Copy link
Contributor Author

Yes, so the idea was to make it optionnal in #298 . This would give to users the choice between both methods of configuration, using both would even be possible since runtime hooks would simply override the old configuration

#298 (comment) @harlan-zw probably thinks that making it optionnal doesn't add any value. Ican agree with @harlan-zw since this isn't supposed to bring any breaking change. It instead adds a new feature

@Baroshem
Copy link
Owner

Ok, makes sense for me.

Would you be open for creating a PR with that solution? We could then test this out properly :)

@vejja vejja mentioned this issue Apr 20, 2024
Merged
6 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

feat(core): unified router context Baroshem/nuxt-security
2 participants
@Baroshem @huang-julien