Comments (5)
i suppose these things aren't as well documented by hoodie for two reasons:
- they're under development (so subject to change)
- they're common themes across web apps.
django, for example, has excellent documentation of sessions, admin actions, and groups (analogous to roles).
a little more documentation could definitely be helpful, however, as hoodie is a little different than libraries for the server-side. an easy way to get started on such documentation might be in the form of brief descriptions, links to other projects, and then descriptions of the difference (or possibly "the hoodie difference β’/β") between these terms as they're used in other libraries and what they mean wrt. hoodie.
from hoodie-account-client.
Sorry this is all in the flux, better documentation is lucking, but let me give this a spin.
What are sessions? What do I use them for?
For now, hoodieAdmin.sessions
only support the add
method, because CouchDB keeps no state of sessions, so things like hoodieAdmin.sessions.findAll()
or hoodieAdmin.sessions.on("remove", handler)
cannot be implemented at this time.
hoodieAdmin.sessions.add({username: 'courajs'})
allows us is to generate a valid session for user "'courajs'", helpful for debugging issues with your app for example.
Requests
This definitely need some explanation. Requests is a simple way to extend the hoodie-account-server
βs logic. A request is for example "passwordreset", another request could be "upgrade", which would require e.g. a stripe token and if successful it would update the userβs account to a new plan.
You can pass a requests
option to the hoodie-account-server hapi plugin. Requests are also not yet persisted, but will be in future.
Tokens
Tokens allow a user to sign in / authenticate once. For example, instead of sending a new password in an email as response to a password reset request, we should send a token. We would store this token in the user account and remove it once it has been used.
Roles
Roles can be used for things like user groups, sharing data, etc. Roles directly map to CouchDBβs roles, they can be used to give a user read/write access to a database.
For example, we want to implement user groups in the future, probably as a plugin. The plugin would listen for a new signup, store the company of the user in a separate database like groups
, then take the document id (say itβs groupid123
) and create a new database "group/groupid123
". Then we would add a role group/groupid123
to the users account and start replicating between the userβs database and the groupβs database. The user could then add more user accounts for their colleagues, and each user would get the same role and also a replication to the group database, so all users from the same group can collaborate on their groups data.
from hoodie-account-client.
Awesome! Chatting with @gr2m I also asked how you use the sessions generated by sessions.add()
. Essentially it's a low-level primitive, so that isn't really determined yet. You could perhaps write a function to place the sessionId into localStorage, "taking over" that session. Or you could perhaps use it to create a valid session in another browser to have your admin & user-specific sessions at the same time.
from hoodie-account-client.
to have your admin & user-specific sessions at the same time
as a side note, we do not use cookies but send session ids in request headers, so you can have several sessions at the same time in the same browser. For example you can be signed in as an admin and as a user, which is why we can put the admin dashboard at /hoodie/admin
on the same domain, without interfering with an existing user session
from hoodie-account-client.
Good to know π
from hoodie-account-client.
Related Issues (20)
- π― test coverage
- when fetching account from remote succeeds, we should unset `session.invalid` HOT 1
- An in-range update of browserify is breaking the build π¨ HOT 1
- Prevent signIn/Up if already signed in (session exists)
- signIn() does not store the roles property
- account.signOut while offline HOT 7
- Question: why does sign in omit the session information? HOT 2
- An in-range update of uglify-js is breaking the build π¨ HOT 66
- An in-range update of semantic-release is breaking the build π¨ HOT 1
- An in-range update of semantic-release is breaking the build π¨ HOT 1
- An in-range update of semantic-release is breaking the build π¨ HOT 34
- An in-range update of lodash is breaking the build π¨ HOT 4
- The automated release is failing π¨
- An in-range update of nock is breaking the build π¨ HOT 6
- An in-range update of tap-min is breaking the build π¨ HOT 1
- An in-range update of before-after-hook is breaking the build π¨ HOT 5
- An in-range update of npm-run-all is breaking the build π¨ HOT 2
- An in-range update of tape is breaking the build π¨ HOT 9
- An in-range update of rimraf is breaking the build π¨ HOT 3
- An in-range update of browserify is breaking the build π¨ HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. πππ
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google β€οΈ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from hoodie-account-client.