feat(presets): add devices_module to auth:hardened, b2b, and b2b:storage presets#1160
Merged
Merged
Conversation
…age presets The devices_module was missing from all module presets. The user_auth_module insert trigger already looks up devices_module and threads it through sign_in/sign_in_identity, but no preset actually included it — so device tracking was never provisioned. Add devices_module to the three production-grade presets that already have the full auth surface (rate limits, SSO, passkeys, MFA): - auth:hardened - b2b - b2b:storage The full preset uses modules: ['all'] so it picks up devices_module implicitly. Lighter presets (auth:email, auth:sso, auth:passkey) are left without it — device tracking is a hardened/production feature.
Contributor
🤖 Devin AI EngineerI'll be helping with this pull request! Here's what you should know: ✅ I will automatically:
Note: I can only respond to comments from users who have write access to this repository. ⚙️ Control Options:
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Adds
devices_moduleto the three production-grade module presets:auth:hardened,b2b, andb2b:storage.The
user_auth_moduleinsert trigger in constructive-db already looks updevices_moduleand threadsuser_devices_table_id/device_settings_table_idthrough to thesign_inandsign_in_identitygenerators. However, no preset actually includeddevices_modulein its modules list — so device tracking (trusted-device MFA bypass, device token cookies) was never provisioned.What changed:
auth:hardened— addeddevices_module(production consumer auth with full surfaces)b2b— addeddevices_module(multi-tenant B2B)b2b:storage— addeddevices_module(B2B + file uploads)Not changed:
full— usesmodules: ['all'], already picks up everything implicitlyminimal,auth:email,auth:email+magic,auth:sso,auth:passkey— lighter presets where device tracking adds unnecessary overheadTriggered by review feedback on #1141 (OAuth identity sign-in), item #7.
Review & Testing Checklist for Human
devices_moduleis correctly positioned in each preset's dependency order (aftersessions_module,user_auth_module)b2b:storagepreset and confirmuser_devices+device_settingstables are createdsign_in_identitygenerated function now includesdevice_tokenIN param andout_device_tokenOUT param when provisioned with this presetNotes
There are two related constructive-db follow-ups identified from the same review:
sign_up_identitymissing device support — the body generator has no device params, so new OAuth signups won't get device tracking even after this preset changesign_in_identitymissingremember_me— always usesdefault_session_duration; the regularsign_inalready supportsremember_mefor extended sessionsLink to Devin session: https://app.devin.ai/sessions/dd0bdd01d4cd47e1a432390593fd68d8
Requested by: @pyramation