-
-
Notifications
You must be signed in to change notification settings - Fork 141
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[discuss] accounts-server token creator #774
[discuss] accounts-server token creator #774
Conversation
Codecov Report
@@ Coverage Diff @@
## master #774 +/- ##
==========================================
+ Coverage 95.15% 95.17% +0.02%
==========================================
Files 80 80
Lines 1774 1783 +9
Branches 348 352 +4
==========================================
+ Hits 1688 1697 +9
Misses 78 78
Partials 8 8
Continue to review full report at Codecov.
|
Codecov Report
@@ Coverage Diff @@
## master #774 +/- ##
==========================================
+ Coverage 95.15% 95.17% +0.02%
==========================================
Files 80 80
Lines 1774 1783 +9
Branches 348 352 +4
==========================================
+ Hits 1688 1697 +9
Misses 78 78
Partials 8 8
Continue to review full report at Codecov.
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
These options make sense, just left some minor comments but otherwise, the pr looks good!
@@ -24,4 +25,6 @@ export interface AccountsServerOptions { | |||
siteUrl?: string; | |||
prepareMail?: PrepareMailFunction; | |||
sendMail?: SendMailType; | |||
tokenCreator?: TokenCreator; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Does it needs to be a separate interface or can it be just a function?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
as I think about our use-case, the creator should receive "static" options. so I think it will be better to implement it as an interface that you can instantiate ratter than passing the options in the function
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good.
Hi,
In our project, we use a 3rd party authenticator service. This service manages access tokens itself. We wrote an
AuthenticationService
to support it, but it has duplicate code withaccounts-server
(and specific graphql endpoints) since we can't use itsloginWithService
andrefreshTokens
functionality.The reason why we can't use
loginWithService
is the way we deliver our 3rd party token to the client. The only way for us to do that withaccountsjs
is to use it as a session token. then we create access token and refresh token usingaccounts
and deliver them. sinceaccounts-server
generates the session token itself,loginWithService
is not capable of supporting this scenario.The way we thought of solving it, is to provide
accounts-server
with a customtoken creator
which will request the access token from the authenticator service and return it to be used as a session token.The other problem is with
refreshTokens
. When the authenticator service tells us to refresh its tokens, we currently invalidate the current session and create a new one with the new access token. we want to be able to useaccountsServer
functionality to do that. that's why we want to addcreateSessionTokenOnRefresh
option to create a new session token when refreshing tokens.These two changes allow us to use more of accounts-server and client functionality without implementing it ourselves.
@davidyaha @elie222 FYI