feat(auth-middleware): Return a Tuple with Route pattern configuration when creating dbAuth middleware #10642
Conversation
createDbAuthMw -> initDbAuthMw
|
@dthyresson As discussed last night! We should think this through though.... what this effectively does is make it harder to misconfigure, but also makes it harder to intentionally configure the dbAuthMiddleware on certain paths. We're OK with this right? I can't think of a case where you wouldn't want auth mw running though. |
There was a problem hiding this comment.
- What was thinking of
initvscreate? Is that the naming pattern we like ... ie, use this in other custom middleware? -
We should think this through though.... what this effectively does is make it harder to misconfigure, but also makes it harder to intentionally configure the dbAuthMiddleware on certain paths. We're OK with this right? I can't think of a case where you wouldn't want auth mw running though.
Could there be a base AuthMiddlware that dbAuth, Supabase, Clerk etc all use that define the global *. That way it could document and enforce the fact that "all auth middleware" is global. And prevent specific path invocation?
I cannot see why auth would not be on all routes -- unless maybe you have possible have two+ auth providers and maybe dbAuth governs /admin.* and rest if app is *. But that may not be a scenario we support. Unless api functions use a different auth provider than the app's. api key on all function and use login on app facing routes.,
Init because we're returning a tuple instead of the actual middleware. I was thinking "create" implies you return the object you create, where as init can be a little vague. |
I've just done this with types now. Can totally export the type to be general.
I think the only case is if we want to disable the auth middleware for certain routes. Same as you I currently can't think of a reason you want to do this. |
…tuples-dbauth-mw * 'main' of github.com:redwoodjs/redwood: fix(deps): update dependency isbot to v5 (redwoodjs#10340) chore(deps): update dependency vscode-languageserver-protocol to v3.17.5 (redwoodjs#10351) chore(deps): update node.js to >=14.17 <=20.13 (redwoodjs#10368) fix(deps): update dependency graphql-sse to v2.5.3 (redwoodjs#10364) chore(deps): update dependency @supabase/supabase-js to v2.43.2 (redwoodjs#10365) chore(deps): update babel monorepo to v7.24.5 (redwoodjs#10614) fix(vite): Rename `serverAuthContext` to `serverAuthState` (redwoodjs#10653) feat(middleware): Add .shortCircuit to MiddlewareResponse (redwoodjs#10586) chore(ssr): Make entry.client.tsx better match standard entry.client (redwoodjs#10652) patch(crwa): Fix small annoyances (formatting, spell-check) (redwoodjs#10651) chore(ci): Update rsc readme (redwoodjs#10650) chore(serverAuth): Rename serverAuthContext to serverAuthState where relevant (redwoodjs#10643) chore(deps): Remove unused deps from prerender (redwoodjs#10649) Add missing rwjs/auth deps (redwoodjs#10648) feat(rsc-auth): Implement serverStore to hold and pass req info to RSC (redwoodjs#10585) chore(deps): Remove unused octokit package (redwoodjs#10645) chore(deps): bump @fastify/reply-from from 9.4.0 to 9.8.0 (redwoodjs#10644)
…-role-authmw * 'main' of github.com:redwoodjs/redwood: feat(auth-middleware): Return a Tuple with Route pattern configuration when creating dbAuth middleware (redwoodjs#10642)
[dbAuthMw, '*']from the init function to make it harder to accidentally misconfigure the auth middleware