Support being able to sign in via ash_authentication

[sevenseacat]

A standard API sign-in action from AA looks something like this -

read :sign_in_with_longlife_token do
  argument :username, :string, allow_nil?: false
  argument :password, :string, allow_nil?: false

  metadata :token, :string

  prepare set_context(%{
            token_type: :user,
            strategy_name: :password,
            private: %{ash_authentication?: true}
          })

  prepare AshAuthentication.Strategy.Password.SignInPreparation
end

And I came across two issues when trying to get this exposed in a JSON API.

• This is a read action to return a user record, so ash_json_api seems to only support connecting this as a get action (when it really should be a post).

  If attempting to make it a post with post :sign_in_with_longlife_token, route: "/sign_in", the following compilation error is raised -

Request: GET /api/open_api
** (exit) an exception was raised:
    ** (KeyError) key :accept not found in: %Ash.Resource.Actions.Read{
  arguments: [
    %Ash.Resource.Actions.Argument{
      allow_nil?: false,
      type: Ash.Type.String,
      name: :username...

It expects that the action will always have an accept option, which reads don't support.

• If leaving it as a get route, a successful login doesn't return the auth token as part of the response, and it doesn't seem to be includable/selectable as its stored as part of the metadata on the record, not an attribute.

[zachdaniel]

@sevenseacat I've pushed this to main. Feel free to try it out, but it will be a few days at least before a proper release is cut. The two major changes are allowing read actions to be used with the post route type, and adding a modify_conn/4 option that can be specified on any route. See the new authenticate-with-json-api.md guide for more details.

[sevenseacat]

Fantastic! Thank you 🫶