Open monacoremo opened 4 years ago
My idea was that this extension will serve as a template which other users can extend. So the focus shouldn't be on how to integrate with already existing schemas but having a basic users
table that can be extended. Perhaps with pg inheritance, like:
CREATE TABLE my_users (
my_attrs json
) INHERITS (pgrst_auth.users);
It's a tricky question I think - e.g. with the inheritance model, how would our helper functions for logging in etc. know which tables they should look at? The users of the extension would likely have to recreate all functions themselves...
TimescaleDB identifies the table that it connects to with an OID: https://docs.timescale.com/latest/api#create_hypertable
Maybe this is a possible solution? We could provide functions like setup_session_auth(schema, user_table, ..., apischema)
that sets up all the tables, views, functions and api endpoints?
I see the problem now. Then maybe we shouldn't make postgrest-auth a pg extension. The value is also not clear yet.
it'd be better to first integrate sessions with jwt in an auth schema and then point users to this repo on a how-to or tutorial.
Agree, an extension is not a good fit for now, we should start simple.
it'd be better to first integrate sessions with jwt in an auth schema
What do you have in mind? Would JWTs be an option next to email+password for the initial authentication? Integrating 2FA / OTP would be great also.
For now I think integrating what we have would be good. Additions can come progressively.
The tutorial form of https://github.com/monacoremo/postgrest-sessions-example/ is great but I'd like to have a code-only version of sessions here.
I'm wondering: How can we integrate with existing 'user' tables that the users of our extension will have? If we track sessions within the extension, we would like to have a foreign key constraint on that table. Or, if we also leave the sessions table to the users of our extension, how can it be used by the functions that we define?
Does it have to be passed as a global setting?
How do other stateful extensions handle this?