Comments (6)
Oh, interesting. I might be able to help with it. I'll have need of something like that in my app in a couple of weeks.
from auth.
I've posted a pitch on the forum here with some ideas: https://forums.swift.org/t/pitch-vapor-4-authorization-system/22980
from auth.
I like the implementation above but I feel like authentication and authorization shouldn't be part of the same package. This should be separate.
from auth.
This actually was a part of the first version of this package, we just didn't have time to port it over during Vapor 3's release. See: https://github.com/vapor/auth/tree/1.2.1/Sources/Authorization
Hopefully I'll have time for Vapor 4's release to work on it. I think the "policy" idea here is interesting. I also like how Laravel does it: https://laravel.com/docs/5.8/authorization.
from auth.
Cool, that would be greatly appreciated. For this large of a change, I'd recommend doing a pitch first to really flesh out the idea and get feedback before code is written. You can see a couple examples of that here:
https://forums.swift.org/tags/c/related-projects/vapor/pitch
from auth.
Hi @tanner0101
I started a generic package for RBAC. It's currently stalled as it can't compile with Swift 5 due to a regression I logged with the Swift team. It's based off the NIST model. I've used it with Yii and it allowed me really granular control over routes and to apply custom rule files to those routes. I was hoping to get it finished before Vapor 4. But depends on when this bug is fixed.
But if it sounds like it or aspects of it might be useful let me know i'd be happy to help. Gotta earn that contributor/maintainer badge somehow :)
from auth.
Related Issues (20)
- Conforming Fluent models to BasicAuthenticable when username/password types are optional (i.e. String?) HOT 4
- Can not generate Xcode project HOT 2
- Protected routes can still be hit after calling `unauthenticate(_:)` HOT 4
- Should AuthenticationCache be public? HOT 2
- Stable release? HOT 3
- Route using SQLite model and SessionMiddleware timeouts when ran on ubuntu. HOT 4
- unauthenticate() should remove session when using authSessionsMiddleware
- consider including JWT by default HOT 5
- web session cookie expired on login HOT 1
- Would it be possible to avoid depending on the Vapor package?
- Unable to remove sessions with AuthenticationSessionsMiddleware enabled HOT 3
- Problem with Auth 2.0.2 HOT 2
- /Sources/Authentication/Persist/SessionAuthenticatable.swift:44:19: error: value of type 'Request' has no member 'hasSession'; did you mean 'session'? HOT 2
- Token should be encrypted HOT 6
- Remove reliance on DatabaseKit/Fluent HOT 4
- `AuthenticationSessionsMiddleware` should use a connection pool HOT 10
- Request has no member 'hasSession' HOT 9
- Using token and session auth should not run both HOT 9
- Auth doesn't finish build with vapor 4 HOT 1
- BasicAuthenticatable for non-final classes HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from auth.