mirror of
https://github.com/team-alembic/ash_authentication.git
synced 2024-09-19 12:52:55 +12:00
chore: analytics in hexdocs
chore: update cheat sheets
This commit is contained in:
parent
857aaa3f1e
commit
bb9b3d7655
4 changed files with 7 additions and 298 deletions
|
@ -54,99 +54,6 @@ to, so expired tokens can be automatically removed by adding the
|
|||
will start the `AshAuthentication.TokenResource.Expunger` `GenServer` which
|
||||
periodically scans and removes any expired records.
|
||||
|
||||
<!--- ash-hq-hide-start --> <!--- -->
|
||||
|
||||
## Dsl
|
||||
|
||||
### Index
|
||||
|
||||
* token
|
||||
* revocation
|
||||
* confirmation
|
||||
|
||||
### Docs
|
||||
|
||||
## token
|
||||
|
||||
Configuration options for this token resource
|
||||
|
||||
* [revocation](#module-revocation)
|
||||
* [confirmation](#module-confirmation)
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
---
|
||||
|
||||
* `:api` (`t:atom/0`) - Required. The Ash API to use to access this resource.
|
||||
|
||||
* `:expunge_expired_action_name` (`t:atom/0`) - The name of the action used to remove expired tokens. The default value is `:expunge_expired`.
|
||||
|
||||
* `:read_expired_action_name` (`t:atom/0`) - The name of the action use to find all expired tokens.
|
||||
Used internally by the `expunge_expired` action. The default value is `:read_expired`.
|
||||
|
||||
* `:expunge_interval` (`t:pos_integer/0`) - How often to remove expired records.
|
||||
How often to scan this resource for records which have expired, and thus can be removed. The default value is `12`.
|
||||
|
||||
* `:store_token_action_name` (`t:atom/0`) - The name of the action to use to store a token.
|
||||
Used if `store_all_tokens?` is enabled in your authentication resource. The default value is `:store_token`.
|
||||
|
||||
* `:get_token_action_name` (`t:atom/0`) - The name of the action used to retrieve tokens from the store.
|
||||
Used if `require_token_presence_for_authentication?` is enabled in your authentication resource. The default value is `:get_token`.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
### revocation
|
||||
|
||||
Configuration options for token revocation
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
---
|
||||
|
||||
* `:revoke_token_action_name` (`t:atom/0`) - The name of the action used to revoke tokens. The default value is `:revoke_token`.
|
||||
|
||||
* `:is_revoked_action_name` (`t:atom/0`) - The name of the action used to check if a token is revoked. The default value is `:revoked?`.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
### confirmation
|
||||
|
||||
Configuration options for confirmation tokens
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
---
|
||||
|
||||
* `:store_changes_action_name` (`t:atom/0`) - The name of the action used to store confirmation changes. The default value is `:store_confirmation_changes`.
|
||||
|
||||
* `:get_changes_action_name` (`t:atom/0`) - The name of the action used to get confirmation changes. The default value is `:get_confirmation_changes`.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
<!--- ash-hq-hide-stop --> <!--- -->
|
||||
|
||||
|
||||
## token
|
||||
Configuration options for this token resource
|
||||
|
|
|
@ -46,61 +46,6 @@ end
|
|||
If you intend to operate with multiple user resources, you will need to define
|
||||
multiple user identity resources.
|
||||
|
||||
<!--- ash-hq-hide-start --> <!--- -->
|
||||
|
||||
## Dsl
|
||||
|
||||
### Index
|
||||
|
||||
* user_identity
|
||||
|
||||
### Docs
|
||||
|
||||
## user_identity
|
||||
|
||||
Configure identity options for this resource
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
---
|
||||
|
||||
* `:api` (`t:atom/0`) - Required. The Ash API to use to access this resource.
|
||||
|
||||
* `:user_resource` (`t:atom/0`) - Required. The user resource to which these identities belong.
|
||||
|
||||
* `:uid_attribute_name` (`t:atom/0`) - The name of the `uid` attribute on this resource. The default value is `:uid`.
|
||||
|
||||
* `:strategy_attribute_name` (`t:atom/0`) - The name of the `strategy` attribute on this resource. The default value is `:strategy`.
|
||||
|
||||
* `:user_id_attribute_name` (`t:atom/0`) - The name of the `user_id` attribute on this resource. The default value is `:user_id`.
|
||||
|
||||
* `:access_token_attribute_name` (`t:atom/0`) - The name of the `access_token` attribute on this resource. The default value is `:access_token`.
|
||||
|
||||
* `:access_token_expires_at_attribute_name` (`t:atom/0`) - The name of the `access_token_expires_at` attribute on this resource. The default value is `:access_token_expires_at`.
|
||||
|
||||
* `:refresh_token_attribute_name` (`t:atom/0`) - The name of the `refresh_token` attribute on this resource. The default value is `:refresh_token`.
|
||||
|
||||
* `:upsert_action_name` (`t:atom/0`) - The name of the action used to create and update records. The default value is `:upsert`.
|
||||
|
||||
* `:destroy_action_name` (`t:atom/0`) - The name of the action used to destroy records. The default value is `:destroy`.
|
||||
|
||||
* `:read_action_name` (`t:atom/0`) - The name of the action used to query identities. The default value is `:read`.
|
||||
|
||||
* `:user_relationship_name` (`t:atom/0`) - The name of the belongs-to relationship between identities and users. The default value is `:user`.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
<!--- ash-hq-hide-stop --> <!--- -->
|
||||
|
||||
|
||||
## user_identity
|
||||
Configure identity options for this resource
|
||||
|
|
|
@ -83,156 +83,6 @@ supervision tree. See [the Elixir
|
|||
docs](https://hexdocs.pm/elixir/Application.html#module-the-application-callback-module)
|
||||
for more information.
|
||||
|
||||
<!--- ash-hq-hide-start --> <!--- -->
|
||||
|
||||
## DSL Documentation
|
||||
|
||||
### Index
|
||||
|
||||
* authentication
|
||||
* tokens
|
||||
* strategies
|
||||
* add_ons
|
||||
|
||||
### Docs
|
||||
|
||||
## authentication
|
||||
|
||||
Configure authentication for this resource
|
||||
|
||||
* [tokens](#module-tokens)
|
||||
* [strategies](#module-strategies)
|
||||
* [add_ons](#module-add_ons)
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
---
|
||||
|
||||
* `:subject_name` (`t:atom/0`) - The subject name is used anywhere that a short version of your
|
||||
resource name is needed, eg:
|
||||
- generating token claims,
|
||||
- generating routes,
|
||||
- form parameter nesting.
|
||||
This needs to be unique system-wide and if not set will be inferred
|
||||
from the resource name (ie `MyApp.Accounts.User` will have a subject
|
||||
name of `user`).
|
||||
|
||||
* `:api` (`t:atom/0`) - Required. The name of the Ash API to use to access this resource when
|
||||
doing anything authenticaiton related.
|
||||
|
||||
* `:get_by_subject_action_name` (`t:atom/0`) - The name of the read action used to retrieve records.
|
||||
Used internally by `AshAuthentication.subject_to_user/2`. If the
|
||||
action doesn't exist, one will be generated for you. The default value is `:get_by_subject`.
|
||||
|
||||
* `:select_for_senders` (list of `t:atom/0`) - A list of fields that we will ensure are selected whenever a sender will be invoked.
|
||||
This is useful if using something like `ash_graphql` which by default only selects
|
||||
what fields appear in the query, and if you are exposing these actions that way.
|
||||
Defaults to `[:email]` if there is an `:email` attribute on the resource, and `[]`
|
||||
otherwise.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
### tokens
|
||||
|
||||
Configure JWT settings for this resource
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
---
|
||||
|
||||
* `:enabled?` (`t:boolean/0`) - Should JWTs be generated by this resource? The default value is `false`.
|
||||
|
||||
* `:store_all_tokens?` (`t:boolean/0`) - Store all tokens in the `token_resource`?
|
||||
Some applications need to keep track of all tokens issued to
|
||||
any user. This is optional behaviour with `ash_authentication`
|
||||
in order to preserve as much performance as possible. The default value is `false`.
|
||||
|
||||
* `:require_token_presence_for_authentication?` (`t:boolean/0`) - Require a locally-stored token for authentication?
|
||||
This inverts the token validation behaviour from requiring that
|
||||
tokens are not revoked to requiring any token presented by a
|
||||
client to be present in the token resource to be considered
|
||||
valid.
|
||||
Requires `store_all_tokens?` to be `true`. The default value is `false`.
|
||||
|
||||
* `:signing_algorithm` (`t:String.t/0`) - The algorithm to use for token signing.
|
||||
Available signing algorithms are;
|
||||
EdDSA, Ed448ph, Ed448, Ed25519ph, Ed25519, PS512, PS384, PS256, ES512, ES384, ES256, RS512, RS384, RS256, HS512, HS384 and HS256. The default value is `"HS256"`.
|
||||
|
||||
* `:token_lifetime` - How long a token should be valid.
|
||||
Since refresh tokens are not yet supported, you should
|
||||
probably set this to a reasonably long time to ensure
|
||||
a good user experience.
|
||||
You can either provide a tuple with a time unit, or a positive
|
||||
integer, in which case the unit is assumed to be hours.
|
||||
Defaults to 14 days. The default value is `{14, :days}`.
|
||||
|
||||
* `:token_resource` - Required. The resource used to store token information.
|
||||
If token generation is enabled for this resource, we need a place to
|
||||
store information about tokens, such as revocations and in-flight
|
||||
confirmations.
|
||||
|
||||
* `:signing_secret` - The secret used to sign tokens.
|
||||
Takes either a module which implements the `AshAuthentication.Secret`
|
||||
behaviour, a 2 arity anonymous function or a string.
|
||||
See the module documentation for `AshAuthentication.Secret` for more
|
||||
information.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
### strategies
|
||||
|
||||
Configure authentication strategies on this resource
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
---
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
### add_ons
|
||||
|
||||
Additional add-ons related to, but not providing authentication
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
---
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
<!--- ash-hq-hide-stop --> <!--- -->
|
||||
|
||||
|
||||
## authentication
|
||||
Configure authentication for this resource
|
||||
|
|
7
mix.exs
7
mix.exs
|
@ -28,6 +28,13 @@ defmodule AshAuthentication.MixProject do
|
|||
groups_for_extras: extra_documentation_groups(),
|
||||
extra_section: "GUIDES",
|
||||
formatters: ["html"],
|
||||
before_closing_head_tag: fn type ->
|
||||
if type == :html do
|
||||
"""
|
||||
<script defer data-domain="ashhexdocs" src="https://plausible.io/js/script.js"></script>
|
||||
"""
|
||||
end
|
||||
end,
|
||||
filter_modules: ~r/^Elixir.AshAuthentication/,
|
||||
source_url_pattern:
|
||||
"https://github.com/team-alembic/ash_authentication/blob/main/%{path}#L%{line}",
|
||||
|
|
Loading…
Reference in a new issue