-
Notifications
You must be signed in to change notification settings - Fork 55
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Feature idea: scoped sesame tokens #59
Comments
This is in the same vein as #56, which I deemed out of scope but could reconsider as there seems to be some demand. It may be possible to do this in a backwards-compatible way when handling tokens manually (i.e. when not using the middleware). |
Ah sorry about the dupe. It seems like I didn't search well enough.
Can just have the non-scope variant (what's there now) just work like it does now, and have scoped calls in addition (or extra parameters) that let you generate and verify. I don't think the scoped variants can/need to be handled automatically. |
Yes. |
@tasn The PR I just submitted adds an optional |
Version 2.1 is published with this feature. Enjoy! |
PR is now complete with tests and docs. |
Haven't managed to test it yet, but the API looks great, thanks a lot! I'll migrate to it in the next few weeks and will let you know if I encounter any issues. Thanks! |
Hey,
I don't know if it's on the roadmap or even if it's of any interest here, but I'd love to see a way to add a scope to sesame tokens. What do I mean? Designate them to specific views, or specific operations.
For example, you can generate tokens that are used for email login, but at the same time, also generate tokens that can only be used for one-time view of screens. Tokens use for email verification (e.g. for verifying a user approves of an account deletion).
I ended up reimplementing sesame in my project in order to support this, though I wish it was supported here.
Feel free to close this if you think it's out of scope for this project, and thanks a lot for creating it!
The text was updated successfully, but these errors were encountered: