ash-project/ash_authentication
1
0
Fork 0
mirror of https://github.com/team-alembic/ash_authentication.git synced 2024-09-19 21:03:23 +12:00
Code Issues Projects Releases Packages Wiki Activity
ash_authentication/documentation/topics/policies-on-authentication-resources.md

18 lines
805 B
Markdown
Raw Permalink Normal View History

improvement: add policy utilities and accompanying guide (#119) * improvement: add policy utilities and accompanying guide fix: improve some error message/validation logic * chore: update castore & fix check definition * improvement: fix build/warnings/dialyzer/format * chore: add private context to new `get_token` action. * chore: fix build. I'd rather have the warning than a build failure. Co-authored-by: James Harton <james@harton.nz>
2023-01-12 15:34:41 +13:00
# Policies on Authenticated Resources
Typically, we want to lock down our `User` resource pretty heavily, which, in Ash, involves writing policies. However, AshAuthentication will be calling actions on your user/token resources. To make this more convenient, all actions run with `AshAuthentication` will set a special context. Additionally a check is provided that will check if that context has been set: `AshAuthentication.Checks.AshAuthenticationInteraction`. Using this you can write a simple bypass policy on your user/token resources like so:
```elixir
policies do
bypass always() do
authorize_if AshAuthentication.Checks.AshAuthenticationInteraction
end
# or, pick your poison
bypass AshAuthentication.Checks.AshAuthenticationInteraction do
authorize_if always()
end
end
```
Reference in a new issue Copy permalink