mirror of
https://github.com/team-alembic/ash_authentication.git
synced 2024-09-21 13:53:25 +12:00
119 lines
4.3 KiB
Markdown
119 lines
4.3 KiB
Markdown
<!--
|
|
This file was generated by Spark. Do not edit it by hand.
|
|
-->
|
|
# DSL: AshAuthentication.TokenResource
|
|
|
|
This is an Ash resource extension which generates the default token resource.
|
|
|
|
The token resource is used to store information about tokens that should not
|
|
be shared with the end user. It does not actually contain any tokens.
|
|
|
|
For example:
|
|
|
|
* When an authentication token has been revoked
|
|
* When a confirmation token has changes to apply
|
|
|
|
## Storage
|
|
|
|
The information stored in this resource is essentially ephemeral - all tokens
|
|
have an expiry date, so it doesn't make sense to keep them after that time has
|
|
passed. However, if you have any tokens with very long expiry times then we
|
|
suggest you store this resource in a resilient data-layer such as Postgres.
|
|
|
|
## Usage
|
|
|
|
There is no need to define any attributes or actions (although you can if you
|
|
want). The extension will wire up everything that's needed for the token
|
|
system to function.
|
|
|
|
```
|
|
defmodule MyApp.Accounts.Token do
|
|
use Ash.Resource,
|
|
data_layer: AshPostgres.DataLayer,
|
|
extensions: [AshAuthentication.TokenResource],
|
|
domain: MyApp.Accounts
|
|
|
|
postgres do
|
|
table "tokens"
|
|
repo MyApp.Repo
|
|
end
|
|
end
|
|
```
|
|
|
|
Whilst it is possible to have multiple token resources, there is no need to do
|
|
so.
|
|
|
|
## Removing expired records
|
|
|
|
Once a token has expired there's no point in keeping the information it refers
|
|
to, so expired tokens can be automatically removed by adding the
|
|
`AshAuthentication.Supervisor` to your application supervision tree. This
|
|
will start the `AshAuthentication.TokenResource.Expunger` `GenServer` which
|
|
periodically scans and removes any expired records.
|
|
|
|
|
|
## token
|
|
Configuration options for this token resource
|
|
|
|
### Nested DSLs
|
|
* [revocation](#token-revocation)
|
|
* [confirmation](#token-confirmation)
|
|
|
|
|
|
|
|
|
|
|
|
### Options
|
|
|
|
| Name | Type | Default | Docs |
|
|
|------|------|---------|------|
|
|
| [`domain`](#token-domain){: #token-domain } | `module` | | The Ash domain to use to access this resource. |
|
|
| [`expunge_expired_action_name`](#token-expunge_expired_action_name){: #token-expunge_expired_action_name } | `atom` | `:expunge_expired` | The name of the action used to remove expired tokens. |
|
|
| [`read_expired_action_name`](#token-read_expired_action_name){: #token-read_expired_action_name } | `atom` | `:read_expired` | The name of the action use to find all expired tokens. |
|
|
| [`expunge_interval`](#token-expunge_interval){: #token-expunge_interval } | `pos_integer` | `12` | How often to scan this resource for records which have expired, and thus can be removed. |
|
|
| [`store_token_action_name`](#token-store_token_action_name){: #token-store_token_action_name } | `atom` | `:store_token` | The name of the action to use to store a token, if `require_tokens_for_authentication?` is enabled in your authentication resource. |
|
|
| [`get_token_action_name`](#token-get_token_action_name){: #token-get_token_action_name } | `atom` | `:get_token` | The name of the action used to retrieve tokens from the store, if `require_tokens_for_authentication?` is enabled in your authentication resource. |
|
|
|
|
|
|
## token.revocation
|
|
Configuration options for token revocation
|
|
|
|
|
|
|
|
|
|
|
|
|
|
### Options
|
|
|
|
| Name | Type | Default | Docs |
|
|
|------|------|---------|------|
|
|
| [`revoke_token_action_name`](#token-revocation-revoke_token_action_name){: #token-revocation-revoke_token_action_name } | `atom` | `:revoke_token` | The name of the action used to revoke tokens. |
|
|
| [`is_revoked_action_name`](#token-revocation-is_revoked_action_name){: #token-revocation-is_revoked_action_name } | `atom` | `:revoked?` | The name of the action used to check if a token is revoked. |
|
|
|
|
|
|
|
|
|
|
## token.confirmation
|
|
Configuration options for confirmation tokens
|
|
|
|
|
|
|
|
|
|
|
|
|
|
### Options
|
|
|
|
| Name | Type | Default | Docs |
|
|
|------|------|---------|------|
|
|
| [`store_changes_action_name`](#token-confirmation-store_changes_action_name){: #token-confirmation-store_changes_action_name } | `atom` | `:store_confirmation_changes` | The name of the action used to store confirmation changes. |
|
|
| [`get_changes_action_name`](#token-confirmation-get_changes_action_name){: #token-confirmation-get_changes_action_name } | `atom` | `:get_confirmation_changes` | The name of the action used to get confirmation changes. |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<style type="text/css">.spark-required::after { content: "*"; color: red !important; }</style>
|