nelsonic
commented
7 years ago @SimonLab I'm investigating Auth today. look forward to seeing your notes. 😉
Closed SimonLab closed 7 years ago
nelsonic
commented
7 years ago @SimonLab I'm investigating Auth today. look forward to seeing your notes. 😉
ghost
commented
7 years ago @SimonLab I tested the authentication and it works 👍
[x] The request action action is not defined in the AuthController, do we need it?
[x] The Ueberauth.Strategy.Helpers alias is defined but not used in AuthController
[x] Review the needed scope needed for dwylbot, the default scope are
["public_repo", "user"]see https://developer.github.com/v3/oauth/#scopes[x] Review the callback action where a "Successfully authenticated" message is displayed when the callback catch a failure
[x] The Github token seems to be saved directly in the user cookie. I think the cookie/session is encrypted by Phoenix I'm wondering if adding the token directly to the session is the right way to do it? How to use the token in other endpoints?More research/learning to do on this step
[x] Add OAuth Github diagram and explanation to the readme, I spend each time more than an 1h to remember all the details of the OAuth flow and I'm always afraid to miss an important step