Spike more flexible user profile #3771
Conversation
jannyHou
force-pushed
the
spike/user-profile-with-passport
branch
from
097f14f to
d044af3
Compare
jannyHou
force-pushed
the
passport/move-to-extension
branch
from
33d1474 to
2c98238
Compare
There was a problem hiding this comment.
I am not able to review the high-level design and how it fits into the wider context of our authentication architecture, I'll leave that up to others (@raymondfeng?).
I have few minor comments to consider, see below.
...assport/src/__tests__/acceptance/authentication-with-passport-strategy-adapter.acceptance.ts
Outdated
Show resolved
Hide resolved
jannyHou
force-pushed
the
passport/move-to-extension
branch
3 times, most recently
from
b6b9d0a to
85fead5
Compare
jannyHou
force-pushed
the
spike/user-profile-with-passport
branch
3 times, most recently
from
1ce6cb7 to
d03e1ca
Compare
packages/authentication/src/types.ts
Outdated
| @@ -35,6 +35,10 @@ export interface AuthenticateFn { | |||
| (request: Request): Promise<UserProfile | undefined>; | |||
| } | |||
|
|
|||
| export interface UserToUserProfileConverterFn<U> { | |||
There was a problem hiding this comment.
Maybe name it as UserProfileBuilder?
There was a problem hiding this comment.
+1 to find a better name.
Personally, I would use UserProfileFactory (see Factory pattern).
The name UserProfileBuilder suggest a well-known Builder pattern, which we are NOT following in this API.
| See the corresponding change made in file 'authentication-with-passport-strategy-adapter.acceptance.ts': | ||
|
|
||
| - Type `UserProfileInDB` is defined to describe the custom user. In a real application it should be a custom User model. | ||
| - Define a converter function `converter` that turns an `UserProfileInDb` instance into a user profile. It's provided in the constructor when create the adapter. |
There was a problem hiding this comment.
I don't have enough knowledge of our authentication layer to be able to review this proposal in full depth.
I don't see any obvious problem on the first sight.
However, I am missing a list of the proposed follow-up tasks (the implementation plan) in the spike document.
| private readonly strategy: Strategy, | ||
| readonly name: string, | ||
| // The default converter returns an user as user profile | ||
| private userConverter: UserToUserProfileConverterFn<U> = (u: unknown) => { |
There was a problem hiding this comment.
This should be optional.
There was a problem hiding this comment.
@raymondfeng a default converter is provided (return the user as it is) therefore the converter here is not marked as optional :)
See discussion in #3771 (comment)
jannyHou
force-pushed
the
spike/user-profile-with-passport
branch
2 times, most recently
from
124d669 to
344c1f1
Compare
jannyHou
changed the title
| `@loopback/authentication` to help developers inject the factory wherever it's | ||
| needed. | ||
| - Add `userProfileFactory` as in `StrategyAdapter`'s constructor. |
There was a problem hiding this comment.
Add
userProfileFactoryas inStrategyAdapter's constructor.
Add userProfileFactory in StrategyAdapter's constructor.
| } | ||
| } | ||
|
|
||
| export const SAMPLE_USER_MIM_SET = { |
There was a problem hiding this comment.
SAMPLE_USER_MIM_SET
What's a MIM set? Did you mean MIN as in minimum?
There was a problem hiding this comment.
oh good catch on the typo
There was a problem hiding this comment.
All details LGTM. As I commented earlier, I don't have enough knowledge to review the big picture. Please get an approval from @raymondfeng and @emonddr before landing.
jannyHou
force-pushed
the
spike/user-profile-with-passport
branch
from
344c1f1 to
8c1e9fe
Compare
| @@ -2,21 +2,77 @@ | |||
|
|
|||
| connect to story https://github.com/strongloop/loopback-next/issues/2246 | |||
|
|
|||
| I picked the `authentication-passport` module to start the spike for more flexible user profile because compared with the custom authentication strategies, users have less control to the returned user when using the passport adapter. I believe if we could find a solution for the passport based strategies, applying similar approach to a custom strategy would be easy. | |||
| I picked the `authentication-passport` module to start the spike for more | |||
There was a problem hiding this comment.
I picked the authentication-passport module to start the spike for a more flexible user profile because, compared with the custom authentication
strategies, users have less control to over the returned user when using the passport
adapter. I believe that if we could find a solution for the passport based
strategies, applying a similar approach to a custom strategy would be easy.
|
|
||
| # Solution | ||
|
|
||
| A converter function is introduced to be passed into the `StrategyAdapter`'s constructor. It takes in a custom user, converts it to a user profile described by `UserProfile` then returns it. | ||
| A converter function is introduced to be passed into the `StrategyAdapter`'s |
There was a problem hiding this comment.
A converter function is introduced to be passed into the
StrategyAdapter's
A converter function is introduced to be passed into the StrategyAdapter's
|
|
||
| # Solution | ||
|
|
||
| A converter function is introduced to be passed into the `StrategyAdapter`'s constructor. It takes in a custom user, converts it to a user profile described by `UserProfile` then returns it. | ||
| A converter function is introduced to be passed into the `StrategyAdapter`'s | ||
| constructor. It takes in a custom user, converts it to a user profile described |
There was a problem hiding this comment.
It takes in a custom user, converts it to a user profile described by UserProfile , and then returns it.
| instance into a user profile. It's provided in the constructor when creating | ||
| the adapter. | ||
| - The converter is invoked in the strategy's `authentication()` function to make | ||
| sure it returns a user profile in type `UserProfile` |
There was a problem hiding this comment.
sure it returns a user profile in of type UserProfile
| - The app has a user model called `MyUser`, which has | ||
|
|
||
| - a property defined in `UserProfile` with same type |
|
I am closing this pull request as the spike is done. Creating follow-up stories: |
connect to #2246
Reviewers can read spike-user-profile.md to start.
Checklist
👉 Read and sign the CLA (Contributor License Agreement) 👈
npm testpasses on your machinepackages/cliwere updatedexamples/*were updated👉 Check out how to submit a PR 👈