This repository has been archived by the owner on Dec 15, 2022. It is now read-only.
Authentication #18
Merged
Authentication #18
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This helps differentiate the more abstract concept of "joining" or "leaving" the network from the more concrete concept of a direct connection to another peer.
Instead of forwarding the join request to spokes, we'll send an explicit notification message
The local peer's identity is fetched on initialization via the `authenticate` method. Other peer identities are expected to be relayed by the server on the first signal.
We could encounter invalid token errors for a variety of reasons, such as the user pasting garbage or the user explicitly deleting their auth token on github.com. When this happens, we want to prompt the user for a new token. This means the token isn't a constant, and injecting it directly into various layers of the system is problematic when it comes time to update it. Injecting a *provider*, which *is* constant, makes updating the token as trivial as telling the provider to clear its cache when we hit invalid token errors and requesting a new token. /cc @jasonrudolph
We still need to cover 401 responses during signaling.
We handle invalid tokens when offering by rejecting the connected promise with the invalid token error. We handle invalid token errors when answering by disconnecting and dispatching onError listeners with the error, since there's no relevant calling code on the stack when we receive a signal and answer. In both cases, we tell the auth token provider to forget its token.
...becasue `hostDidLoseConnection` or `hostDidClosePortal` will be called instead.
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Supplants and closes #8
Depends on atom/teletype-server#20
This pull-request adds support for authentication, allowing to determine the identity of a given site or peer. As part of this, the vocabulary has been modified to better reflect the distinction between peer-level, network-level and portal-level concepts (see b02feb8 for more details).
Please, note that this introduces a breaking change in the protocol. As such, we have bumped the protocol version in d927d98 to prevent people with different versions of the package to collaborate with each other.
/cc: @nathansobo @jasonrudolph