Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Provide a possibility to disable flows in dbAuth completely #5851

Merged
merged 3 commits into from
Jul 21, 2022

Conversation

Morishiri
Copy link
Contributor

Closes #5792

@netlify
Copy link

netlify bot commented Jun 29, 2022

Deploy Preview for redwoodjs-docs ready!

Name Link
🔨 Latest commit 03c44ba
🔍 Latest deploy log https://app.netlify.com/sites/redwoodjs-docs/deploys/62d9b84c7e43120008f35d8e
😎 Deploy Preview https://deploy-preview-5851--redwoodjs-docs.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify site settings.

@jtoar
Copy link
Contributor

jtoar commented Jun 30, 2022

Thanks @Morishiri! @cannikin tagging you here, cause dbAuth!

@jtoar jtoar added the release:feature This PR introduces a new feature label Jun 30, 2022
@dthyresson dthyresson requested a review from cannikin June 30, 2022 14:39
Copy link
Contributor

@dthyresson dthyresson left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@cannikin and @Morishiri does any documentation need updating? Perhaps in the configuration section?

@cannikin
Copy link
Member

Awesome! Thanks for this @Morishiri ! As @dthyresson mentioned, the only thing missing is updated docs about these new options.

@dac09
Copy link
Contributor

dac09 commented Jul 1, 2022

I wanted to throw in a little curve ball here, I wonder why we're using the enabled flag, and not just a boolean?

I believe the desired behavior is that either:
a) We supply handler options
OR
b) We disable that handler all together

Given this, wouldn't it make more sense to have it in one of these forms?

// a little confusing, because why are options false?
const signUpHandlerOptions = false

// or maybe, where none of the other properties are supplied
const signUpHandlerOptions = {enabled: false} 

I think we should throw if enabled is false, and other options are supplied here (and also updated the types to reflect this)

Just my 2p

@cannikin
Copy link
Member

cannikin commented Jul 1, 2022

Hmm, isn't that what @Morishiri did in the PR? There's a new enabled key in the various option blocks (loginOptions, etc.) and you can set it to false there, skipping the rest of the options.

image

@dac09
Copy link
Contributor

dac09 commented Jul 1, 2022

false there, skipping the rest of the options.

I think it’s close, but:
a) the types suggest that you should still set the other properties - it should be enabled false OR the other options
b) I think we should throw at runtime if enabled false is supplied with other options, just to prevent hard to trace down bugs - I can already imagine “I supplied all these options, but it’s not working” issues

@cannikin
Copy link
Member

cannikin commented Jul 1, 2022

Personally, I'm fine with letting you keep all of the options and then just flip a single boolean on/off if you want to enable/disable. Rather than deleting or commenting out all of the options AND setting it to false, and then when you want to turn it back on again you need to revert commits or uncomment or manually add all your options back in again.

It's like in my house if I need to work on the wiring in a room: I can flip off the circuit breaker to that room and everything is disabled. I don't need to also go around and unplug everything and unscrew every light bulb! ⚡️

Although for those people that like types, I agree that if you do want enabled: false then you shouldn't have to include the other options. Like you said, if enabled: true then all other keys are required, otherwise they're not.

@dac09
Copy link
Contributor

dac09 commented Jul 1, 2022

I can flip off the circuit breaker to that room

Hmmm yeah that makes sense - maybe we need to support a bit of both. Going by that analogy, we shouldn't need to plug in all your bulbs just to switch off the circuit breaker.

So I guess the type should look something like:

type DbAuthHandlerXOptions = OptionsWithEnabledFlag | {enabled: false}

That way you can just disable the handler with {enabled: false} and no other properties, but also have enabled just as a property when you supply other options too.

@cannikin
Copy link
Member

cannikin commented Jul 1, 2022

I like that!

Copy link
Contributor

@jtoar jtoar left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@Morishiri I noticed a few mistakes in the comments, so I had a pass at improving it slightly.

packages/api/src/functions/dbAuth/DbAuthHandler.ts Outdated Show resolved Hide resolved
packages/api/src/functions/dbAuth/DbAuthHandler.ts Outdated Show resolved Hide resolved
packages/api/src/functions/dbAuth/DbAuthHandler.ts Outdated Show resolved Hide resolved
packages/api/src/functions/dbAuth/DbAuthHandler.ts Outdated Show resolved Hide resolved
@Morishiri
Copy link
Contributor Author

@dac09 @jtoar I think I addressed your comments.

Copy link
Contributor

@jtoar jtoar left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @Morishiri, LGTM, but will let @cannikin give the final ok.

Copy link
Member

@cannikin cannikin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks great @Morishiri thanks so much! This is a big change, 500 lines!

@Morishiri
Copy link
Contributor Author

@cannikin The WebAuthn implementation got merged in the meantime. I added | {enabled: false} to it's types in the meantime while rebasing to keep in consistent with what is introduced here.

Is that fine?

@cannikin
Copy link
Member

Hmm, will that cause any issue for people that have no webAuthn config option at all? I want to make sure it’s backwards compatible so that if you use your existing config (which will have no webAuthn key) everything just keeps working.

@Morishiri
Copy link
Contributor Author

Hmm, will that cause any issue for people that have no webAuthn config option at all? I want to make sure it’s backwards compatible so that if you use your existing config (which will have no webAuthn key) everything just keeps working.

I kept question mark in webAuthn?: so it shouldn't cause any issues I think.

@cannikin
Copy link
Member

HMMM @jtoar Any idea with the E2E and smoke test failures? They both have this error message:

Error: Cannot find module '/tmp/redwood.TUGpWh/node_modules/@graphql-tools/url-loader/cjs/index.js'
    at createEsmNotFoundErr (internal/modules/cjs/loader.js:929:15)
    at finalizeEsmResolution (internal/modules/cjs/loader.js:922:15)
    at resolveExports (internal/modules/cjs/loader.js:450:14)
    at Function.Module._findPath (internal/modules/cjs/loader.js:490:31)
    at Function.Module._resolveFilename (internal/modules/cjs/loader.js:888:27)
    at Function.Module._load (internal/modules/cjs/loader.js:746:27)
    at Module.require (internal/modules/cjs/loader.js:974:19)
    at require (internal/modules/cjs/helpers.js:101:18)
    at Object.<anonymous> (/tmp/redwood.TUGpWh/node_modules/graphql-config/index.js:14:19)
    at Module._compile (internal/modules/cjs/loader.js:1085:14) {
  code: 'MODULE_NOT_FOUND',
  path: '/tmp/redwood.TUGpWh/node_modules/@graphql-tools/url-loader/package.json'
}

Pretty sure this PR has nothing to do with GraphQL tools. I'm trying a re-run now...

@cannikin cannikin dismissed dthyresson’s stale review July 21, 2022 20:33

Doc changes made

@nx-cloud
Copy link

nx-cloud bot commented Jul 21, 2022

☁️ Nx Cloud Report

CI is running/has finished running commands for commit 03c44ba. As they complete they will appear below. Click to see the status, the terminal output, and the build insights.

📂 See all runs for this branch


✅ Successfully ran 14 targets

Sent with 💌 from NxCloud.

@cannikin
Copy link
Member

Nevermind @jtoar a re-run turned green!

@cannikin cannikin merged commit b562305 into redwoodjs:main Jul 21, 2022
@redwoodjs-bot redwoodjs-bot bot added this to the next-release milestone Jul 21, 2022
@Morishiri
Copy link
Contributor Author

Wohoo 🎉

dac09 added a commit to dac09/redwood that referenced this pull request Jul 22, 2022
…ctmode-gen

* 'main' of github.com:redwoodjs/redwood:
  fix(deps): update dependency eslint-plugin-jsx-a11y to v6.6.1 (redwoodjs#6017)
  chore(deps): update dependency @playwright/test to v1.24.0 (redwoodjs#6019)
  chore(deps): update dependency @okta/jwt-verifier to v2.6.0 (redwoodjs#6018)
  fix(storybook): add `args` to auto generate docs (redwoodjs#5979)
  fix: `yarn rw setup auth clerk` fails in canary (redwoodjs#5998)
  Provide a possibility to disable flows in dbAuth completely (redwoodjs#5851)
@jtoar jtoar modified the milestones: next-release, v2.2.0 Jul 22, 2022
@toxsick
Copy link
Contributor

toxsick commented Jul 28, 2022

This has not landed in v2.2.0 right?

@dac09
Copy link
Contributor

dac09 commented Jul 28, 2022

Hi @toxsick - I don't believe so.

you will be able to see all the features included in each release in the releases tab https://github.com/redwoodjs/redwood/releases

@toxsick
Copy link
Contributor

toxsick commented Jul 28, 2022

Hey @dac09. thanks for the answer, yeah I looked through that, but I thought it is perhaps just not mentioned there.

Anyway, I was asking because it was planned for this release in milestone v2.2.0, but i guess it didn't make it then :)

Thanks for the awesome work and looking forward to use this change when it lands.

@jtoar jtoar modified the milestones: v2.2.0, next-release Jul 28, 2022
@jtoar
Copy link
Contributor

jtoar commented Jul 28, 2022

@toxsick my bad, I forgot to update the milestone. This change depended on another change that we had to take out of v2.20, so it didn't make it this time. It'll be in the next release!

@jtoar jtoar modified the milestones: next-release, v3.0.0 Sep 2, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
release:feature This PR introduces a new feature
Projects
Status: Archived
Development

Successfully merging this pull request may close these issues.

dbAuth: Provide a possibility to disable certain flows completely
6 participants