Skip to content

AuthLevel decorator #3439

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
May 28, 2025
Merged

AuthLevel decorator #3439

merged 1 commit into from
May 28, 2025

Conversation

CarsonF
Copy link
Member

@CarsonF CarsonF commented May 20, 2025
edited by bryanjnelson
Loading

Replacing Anonymous/LoggedIn decorators with an expanded AuthLevel.

This new one allows declaring that a session should not even be tried to be resumed, which is needed with our HTTP routes.

So the 3 levels:

  • sessionless - do not attempt a credential gathering from the request
  • anonymous - gather credential info & validate token is in db & resume session
  • authenticated - assert that the session is tied to a user aka "logged in"

Now SessionInterceptor doesn't have to make assumptions about the codebase.
It doesn't have to know to avoid starting a session for the session gql query.
It doesn't have to know to avoid starting a session for http requests unless
it has the session watermark/(session decorator).

This is a smaller PR but distinct with its business logic change, so I wanted to give it its own PR.

@CarsonF
create AuthLevel decorator to completely control SessionInterceptor
ab0732e 
Now `SessionInterceptor` doesn't have to make assumptions about the codebase.
It doesn't have to know to avoid starting a session for the `session` gql query.
It doesn't have to know to avoid starting a session for http requests unless
it has the session watermark/(session decorator).
@CarsonF CarsonF linked an issue May 27, 2025 that may be closed by this pull request
Auth Refactor 2025 #3476
Closed
bryanjnelson
bryanjnelson approved these changes May 27, 2025
View reviewed changes
Copy link
Contributor

@bryanjnelson bryanjnelson left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍🏼

Base automatically changed from refactor/identity to develop May 28, 2025 13:07
@CarsonF CarsonF merged commit b5d24d2 into develop May 28, 2025
15 checks passed
@CarsonF CarsonF deleted the auth-level branch May 28, 2025 13:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bryanjnelson bryanjnelson bryanjnelson approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Auth Refactor 2025
2 participants
@CarsonF @bryanjnelson