Improvements for composite auth

[yakovenkodenis]

Prerequisites

• [X] I have written a descriptive issue title
• [X] I have searched existing issues to ensure the feature has not already been requested

🚀 Feature Proposal

It seems that composite authentication should allow the or relation for sub-arrays, not only and.

It's currently stated in the docs that:

The arrays within an array always have an AND relationship.

but this feels like a limiting and unnecessary constraint.

Motivation

It seems natural for the relation inside an auth subarray to be the opposite of the main array relation.

The only current use-case for composite auth looks like this:

fastify.auth([f1, f2, [f3, f4]], { relation: 'or' })

which results in the f1 OR f2 OR (f3 AND f4) logical expression.

However, it might be also useful to allow composite auth when relation is 'and', so that the code below

fastify.auth([f1, f2, [f3, f4]], { relation: 'and' })

would result in the following logical expression: f1 AND f2 AND (f3 OR f4).

Basically, when the main (default) array relation is and we want the relation for sub-arrays to be or, and vice versa (like with the current implementation): when the main array relation is or the relation inside subarrays is and.

Example

Current implementation of composite auth only allows a single use-case:

preHandler: fastify.auth([
  [fastify.f1, fastify.f2], // relation inside is AND
  fastify.f3
], {
  relation: 'or'
}),

It would be great to allow also the oppisite use-case:

preHandler: fastify.auth([
  [fastify.f1, fastify.f2], // relation inside is OR
  fastify.f3
], {
  relation: 'and'
}),

[mcollina]

Thanks for reporting! Would you like to send a Pull Request to address this issue? Remember to add unit tests.

[yakovenkodenis]

Yes, I'll give it a try

[yakovenkodenis]

The PR is ready for review: https://github.com/fastify/fastify-auth/pull/217

[mcollina]

Released in v4.5.0