Closed riverrun closed 8 years ago
@riverrun will it still be part of openmaize or will it be a separate app?
All the authorization functions will be available by using a mix generator (as long as you are using Phoenix), which will create an Authorize, and optionally, a Confirm module in the web/controllers
directory.
If you want more information, the work on this now on the master branch, and I'll be updating the hex package tomorrow.
@riverrun do you think a template can be added for user models?
In the case of user models, I think it will be difficult to do anything more than provide example functions as it would probably be used to update existing models, and doing this safely might be more trouble than it's worth. I will think about this further, though, and I'm sure there are several ways of helping developers get everything set up.
There's no need to do it safely — just add a function for generating models and a flag to turn it off. Users with existing models can just add things in manually.
At the moment, users can copy code from this example app and adapt it to their needs. I don't see much point in creating a generator which just provides a similar service, and I don't want to create a generator that overwrites existing models. I'll look into it further, and I'll let you know what I decide.
I want to narrow the focus of Openmaize to authentication and the handling of JWTs. There are many variables involved in handling authorization, or access control, and I think it would be better to provide guidelines to the web developers rather than any authorization module.
Related to this, and #22, I'm going to work on a Mix generator for authorization using Openmaize in a Phoenix project.