New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support for tenant tokens #152
Comments
Hi @archonic, thanks for your issue! Yes, currently there is no easy way to change the Meilisearch API key, used to query the resources internally. Because the data used to create the client comes from the configuration defined in the configuration side You are able to change this code at runtime but probably may have some problems with concurrency (not thread-safe). I'm not sure if we will provide an example like you want (meilisearch-rails + apartment) here in the README, because we will have to be aware of apartment changes in order to make our tutorial always up to date. Do you have any idea about: "how the public API should look like"? (disclaimer, I've never used the apartment gem before, the code below is just an idea for us to discuss) Apartment::Tenant.switch('tenant_name') do
MeiliSearch::Rails.change_api_key(tenant_data.current_user.meili_token) do
# search code?...
end
end or Apartment::Tenant.switch('tenant_name') do
MeiliSearch::Rails.change_api_key(tenant_data.current_user.meili_token)
# search code?...
end About the Anyway, let's discuss more this possible API, and then we can plan a way to make it real! Thanks for this issue, we're really happy to see you around! |
I realized that the attribute I wanted to filter by was not a user provided param. So as long as my app doesn't expose a Meilisearch JWT, I figure it's ok to scope by filter on the Rails side instead of using tenant tokens to scope. Still, I'm wondering how the gem can accommodate tenant tokens - I'd like to eventually have a front-end instant search feature. Especially if Actix can render the search results 🤘. Apartment is no longer maintained so it may make more sense to have an example for acts_as_tenant or just pseudo code it. In Apartment, as long and the request object is available and the "elevator" has populated the Something like This may be an over complication though. Tenant tokens are specifically for scoped front-end searches, right? Perhaps the token should be provided to a search function directly like:
That should prevent issues where you forget to switch back to an admin key before the app tries to create a new index, and it's more concise. Happy to be here and thanks for making such an efficient and easy to use search service! After thought: I wonder if I've misunderstood the purpose of a tenant token. Maybe this gem doesn't need tenant token integration if they're only designed for front-end implementations where Rails would not be answering requests? |
Sorry if I let you alone, we are in the release cycle and all of our efforts are to make all the integrations ready when the v0.28 comes out! I like the block approach as well, I've implemented something like that to switch databases and it was the perfect solution, I think it will be the same here. I like the idea of having the ability to provide a different token at search-time, I think both can live together without any problem. About instant-meilisearch, yes, we advise people to make the search in the front-end environment because it is where Meilisearch stands out! But if you do search in the backend you will still have a good performance and DX (it is not wrong). But the tenant token is meant to just scope the data in the search time out of the box without having to apply other scripts in the data after the search. So to answer this question Maybe this gem doesn't need tenant token integration if they're only designed for front-end implementations where Rails would not be answering requests?, I think this gem needs a rails-way to use the tenant-token feature! |
I agree. The gem can't assume that someone would have to use a front-end implementation to use that feature. I'm especially looking forward to building a front-end federated tenant search feature. |
Description
v0.26.0 introduced tenant tokens but it looks like there aren't any opinions on tenant tokens in this gem.
Basic example
Specifics of a meilisearch tenant token integration are going to depend on how tenancy is handled but it would be nice to see examples that support acts_as_tenant and perhaps Apartment. It should be easy to figure out how to integrate with Apartment by looking at examples for acts_at_tenant.
I'm wondering how the client should be initiated when searching a tenanted resource. I have this index action for example:
In order to use a tenant token, would I have to initiate the client myself? Like this:
I'm also wondering about best practices for token refreshes. I currently generate a tenant token when the tenant is created and set the expiry to one year, and plan on creating a tenant key refresh job that runs once per month on keys that expire that month.
The text was updated successfully, but these errors were encountered: