-
Notifications
You must be signed in to change notification settings - Fork 6
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
User and Identity #8
Comments
I would love to have this. I built built the One question I have though is how should we ship that to the user of our module. Right now, applying changes on the schema of the user feels out-of-scope for me as I would like that module to stay close to the bare minimal integration of EdgeDB features offering. Maybe we could provide a toggleable feature that enables that What are your thoughts on the User model? |
Ok, so it turns out I was mistaken about Identities. I thought that every auth method (email/pwd as well as oauth) represents a different Identity that needs to be linked to a User. If I'm not mistaken though, there is only one Identity, which is the conceptual equivalent of a User in other frameworks. This one Identity can be authenticated by different means such as EmailPasswordFactor or via OAuth. Do you know how this works exactly? The EdgeDB docs are quite sparse in that regard. If an Identity is all you need to manage authentication and authorization, I think we shouldn't provide a User model since that's not the scope of a module. |
I would say this is a fairly blocking issue, as it's forcing a dbschema that doesn't match in many cases.
I would rather have to write a few hooks and queries to control the creation of the the user myself, than to be forced into a paradigm that doesn't fit my project. |
@tdolsen ; could you let me know how you would envision the perfect implementation for auth in your case? That would help me reflect on the usecases, as I'm not using auth myself on my project using this module. 😅 |
I'll give a little input, absolutely. 🙂 Note: I'm using EdgeDB auth and Nuxt for the first time as an experiment on a side project, and my experience with both are fairly new. (Long time Vue and EdgeDB user though.) This is just to mention that I'm still learning the internals, and that I might not know all possibilities in terms of lifecycle hooks and such.
|
Currently the authenticated User isn't exposed by the API directly but has to be retrieved separately using
ext::auth::Identity
. EdgeDB doesn't have the notion of a User, it knows only identities and a User is just another type that happens to be associated with an Identity.There is a lot of flexibility in this approach as the User type can be defined by the application and carry any additional information. However, it is more intuitive and practical to have the User as the primary object exposed by auth. Most applications will want to associate a User with other types (like author of a Post).
Currently the User is created as a side-effect when the Identity is retrieved:
nuxt-edgedb/src/runtime/api/auth/identity.ts
Lines 15 to 24 in 37ac5c4
That doesn't feel right, especially if you want to collect other data (like name) as part of the signup process. It's more intuitive to create the User in the signup handler instead of merely a side-effect in the identity handler. The email and password fields can be used to create the identity and all other fields are assigned to the User.
It might be good to allow for customizing the User type etc. but for now, I'd just require that if auth is enabled, there has to be a type named
User
which has to have at least an identity field.Just an idea so far. Let me know what you think!
The text was updated successfully, but these errors were encountered: