Skip to content

refactor-user-tokens #922

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 12 commits into from
Mar 29, 2021
Merged

refactor-user-tokens #922

merged 12 commits into from
Mar 29, 2021

Conversation

TorstenDittmann
Copy link
Contributor

@TorstenDittmann TorstenDittmann commented Feb 19, 2021
edited
Loading

What does this PR do?

This PR removes login sessions from the Tokens collection and uses a new dedicated collection called Sessions for authentication tokens. It also decouples OAuth2 references from the User document and moves them to Sessions This will allow us in the future to easily extend the authentication with more providers.

Collections

  • Tokens
    • removes OS, Client and Device information rules
    • Stopped being used for login sessions
  • Sessions
    • introduces new Collection for login sessions
    • Rules:
      • userID
      • secret
      • provider (Determines what Login provider was used for this session: email, anonymous or any other OAuth2 provider)
      • providerUid (Unique identifier passed from the provider like E-Mail Address or User ID form an OAuth2 provider)
      • providerToken (optional - can store data like Access Token from OAuth2 Providers)
      • expire
      • userAgent
      • .... OS, Device and Client informations
  • Users
    • removes every oauth2 and oauth2AccessToken rule
    • adds Sessions collection to be used for authentication

Migration

Invalidate all Login Tokens, since they can't be migrated to the new structure. Reason for it is the missing distinction between E-Mail and OAuth2 tokens.

Also migrates every collection change.

Test Plan

Utilizes already present tests and added new test to check for duplicate collection rules.

Related PRs and Issues

none

Have you read the Contributing Guidelines on issues?

@TorstenDittmann TorstenDittmann marked this pull request as ready for review February 22, 2021 12:45
@eldadfux eldadfux changed the base branch from dev to 0.8.x March 1, 2021 21:06
eldadfux
eldadfux reviewed Mar 29, 2021
View reviewed changes
@TorstenDittmann
Copy link
Contributor Author

@eldadfux checked all the stuff, ready for review 🙂

@eldadfux
Copy link
Member

Looks good!

@eldadfux eldadfux merged commit cd6263e into appwrite:0.8.x Mar 29, 2021
@eldadfux eldadfux mentioned this pull request Apr 23, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@eldadfux eldadfux eldadfux approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@TorstenDittmann @eldadfux
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy