Closed simonw closed 1 year ago
These look like the relevant headers:
X-Sandstorm-Username
X-Sandstorm-User-Id
("This header is not sent at all for anonymous users.")X-Sandstorm-Permissions
X-Sandstorm-Preferred-Handle
X-Sandstorm-User-Picture
X-Sandstorm-User-Pronouns
Everything except X-Sandstorm-Tab-Id
.
I'm going to map these to keys in the "actor"
dictionary like so:
X-Sandstorm-Username
-> username
X-Sandstorm-User-Id
-> id
X-Sandstorm-Permissions
-> permissions
X-Sandstorm-Preferred-Handle
-> preferred_handle
X-Sandstorm-User-Picture
-> `picture'X-Sandstorm-User-Pronouns
-> pronouns
Note that username
is treated specially by this Datasette function, used to show the user's logged in state in the navigation bar: https://github.com/simonw/datasette/blob/5aa359b86907d11b3ee601510775a85a90224da8/datasette/utils/__init__.py#L1036-L1040
def display_actor(actor):
for key in ("display", "name", "username", "login", "id"):
if actor.get(key):
return actor[key]
return str(actor)
X-Sandstorm-Username
is percent encoded, needs to be decoded.
I'm going to turn permissions
into a list - or an empty list.
https://docs.sandstorm.io/en/latest/developing/auth/ documents the headers.
Discord conversation: https://discord.com/channels/823971286308356157/996877076982415491/1017843070097698946