mirror of
https://github.com/team-alembic/ash_authentication.git
synced 2024-09-20 13:24:20 +12:00
99c20cce76
* chore(deps): Bump ash from 2.17.10 to 2.17.12 Bumps [ash](https://github.com/ash-project/ash) from 2.17.10 to 2.17.12. - [Release notes](https://github.com/ash-project/ash/releases) - [Changelog](https://github.com/ash-project/ash/blob/main/CHANGELOG.md) - [Commits](https://github.com/ash-project/ash/compare/v2.17.10...v2.17.12) --- updated-dependencies: - dependency-name: ash dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * docs: Update Spark DSL docs. --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: James Harton <james@harton.nz>
122 lines
4.4 KiB
Markdown
122 lines
4.4 KiB
Markdown
<!--
|
|
This file was generated by Spark. Do not edit it by hand.
|
|
-->
|
|
# DSL: AshAuthentication.TokenResource
|
|
|
|
This is an Ash resource extension which generates the default token resource.
|
|
|
|
The token resource is used to store information about tokens that should not
|
|
be shared with the end user. It does not actually contain any tokens.
|
|
|
|
For example:
|
|
|
|
* When an authentication token has been revoked
|
|
* When a confirmation token has changes to apply
|
|
|
|
## Storage
|
|
|
|
The information stored in this resource is essentially ephemeral - all tokens
|
|
have an expiry date, so it doesn't make sense to keep them after that time has
|
|
passed. However, if you have any tokens with very long expiry times then we
|
|
suggest you store this resource in a resilient data-layer such as Postgres.
|
|
|
|
## Usage
|
|
|
|
There is no need to define any attributes or actions (although you can if you
|
|
want). The extension will wire up everything that's needed for the token
|
|
system to function.
|
|
|
|
```
|
|
defmodule MyApp.Accounts.Token do
|
|
use Ash.Resource,
|
|
data_layer: AshPostgres.DataLayer,
|
|
extensions: [AshAuthentication.TokenResource]
|
|
|
|
token do
|
|
api MyApp.Accounts
|
|
end
|
|
|
|
postgres do
|
|
table "tokens"
|
|
repo MyApp.Repo
|
|
end
|
|
end
|
|
```
|
|
|
|
Whilst it is possible to have multiple token resources, there is no need to do
|
|
so.
|
|
|
|
## Removing expired records
|
|
|
|
Once a token has expired there's no point in keeping the information it refers
|
|
to, so expired tokens can be automatically removed by adding the
|
|
`AshAuthentication.Supervisor` to your application supervision tree. This
|
|
will start the `AshAuthentication.TokenResource.Expunger` `GenServer` which
|
|
periodically scans and removes any expired records.
|
|
|
|
|
|
## token
|
|
Configuration options for this token resource
|
|
|
|
### Nested DSLs
|
|
* [revocation](#token-revocation)
|
|
* [confirmation](#token-confirmation)
|
|
|
|
|
|
|
|
|
|
|
|
### Options
|
|
|
|
| Name | Type | Default | Docs |
|
|
|------|------|---------|------|
|
|
| [`api`](#token-api){: #token-api .spark-required} | `module` | | The Ash API to use to access this resource. |
|
|
| [`expunge_expired_action_name`](#token-expunge_expired_action_name){: #token-expunge_expired_action_name } | `atom` | `:expunge_expired` | The name of the action used to remove expired tokens. |
|
|
| [`read_expired_action_name`](#token-read_expired_action_name){: #token-read_expired_action_name } | `atom` | `:read_expired` | The name of the action use to find all expired tokens. Used internally by the `expunge_expired` action. |
|
|
| [`expunge_interval`](#token-expunge_interval){: #token-expunge_interval } | `pos_integer` | `12` | How often to remove expired records. How often to scan this resource for records which have expired, and thus can be removed. |
|
|
| [`store_token_action_name`](#token-store_token_action_name){: #token-store_token_action_name } | `atom` | `:store_token` | The name of the action to use to store a token. Used if `store_all_tokens?` is enabled in your authentication resource. |
|
|
| [`get_token_action_name`](#token-get_token_action_name){: #token-get_token_action_name } | `atom` | `:get_token` | The name of the action used to retrieve tokens from the store. Used if `require_token_presence_for_authentication?` is enabled in your authentication resource. |
|
|
|
|
|
|
## token.revocation
|
|
Configuration options for token revocation
|
|
|
|
|
|
|
|
|
|
|
|
|
|
### Options
|
|
|
|
| Name | Type | Default | Docs |
|
|
|------|------|---------|------|
|
|
| [`revoke_token_action_name`](#token-revocation-revoke_token_action_name){: #token-revocation-revoke_token_action_name } | `atom` | `:revoke_token` | The name of the action used to revoke tokens. |
|
|
| [`is_revoked_action_name`](#token-revocation-is_revoked_action_name){: #token-revocation-is_revoked_action_name } | `atom` | `:revoked?` | The name of the action used to check if a token is revoked. |
|
|
|
|
|
|
|
|
|
|
## token.confirmation
|
|
Configuration options for confirmation tokens
|
|
|
|
|
|
|
|
|
|
|
|
|
|
### Options
|
|
|
|
| Name | Type | Default | Docs |
|
|
|------|------|---------|------|
|
|
| [`store_changes_action_name`](#token-confirmation-store_changes_action_name){: #token-confirmation-store_changes_action_name } | `atom` | `:store_confirmation_changes` | The name of the action used to store confirmation changes. |
|
|
| [`get_changes_action_name`](#token-confirmation-get_changes_action_name){: #token-confirmation-get_changes_action_name } | `atom` | `:get_confirmation_changes` | The name of the action used to get confirmation changes. |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<style type="text/css">.spark-required::after { content: "*"; color: red !important; }</style>
|