Let the docs website have access to user auth

[atopal]

We want to offer interactive examples in the docs that already include the users token. To do that we need to give the docs website access to the main website's auth.

Acceptance Criteria:

• [ ] docs website can access the token of a logged in web3.storage user.
• [ ] header state is preserved between sites

Could be related to: https://github.com/web3-storage/docs/pull/199

575

Alternative approach of putting docs at web3.storage/docs:

https://github.com/web3-storage/web3.storage/pull/596

[atopal]

cc @olizilla for anything I might have missed. and @zebateira since you'd be most likely the one to investigate here.

[zebateira]

With this POC we can see it's possible to have this working 100% in one direction: main site auth state -> docs site auth state, meaning, initial acceptance criteria are met. The way this would work for users is:

1. User lands on Main site
2. Login/Register
3. Go to docs site
4. Auth state is preserved and header nav is consistent.

But the other way around (docs -> main) would require a bit more work. So in the scenario where the user lands on the docs site and for some reason, is logged out from the main site, the docs site will need to handle this. Either redirect users to the main site to login and then come back (could be automatic with a redirect from the main website to the docs site), or allow users to login directly on the docs site (with a modal for example). The redirect scenario doesn't require more work, since the docs site will still get the auth from the main site. Allowing users to login directly on the docs site however, would then require more work so that users would not need to log in again on the main site after doing it on the docs. Meaning, have the main site also pull the auth state from the docs site as well.

Makes sense? I'm trying to layout auth user flows alternatives withing the docs site so that we can make a decision about authenticated users experience cross sites.

So my main question is: should those two initial acceptance criteria be the only ones we need to take into consideration, or should we also include the user's experience of authentication?

[zebateira]

Another thing to take into account is the logout button: I haven't tested it, but I'm almost 100% sure the logout will work from the docs site. However, this means that the main site tab will go out of sync with the docs auth state. If you click any link it will redirect back to the login screen so I don't see an issue. Is there an issue with this approach? I think it shouldn't be a problem since this can already happen when a user has multiple tabs of the main site, and one of them is logged in and another old one is not.

[atopal]

For login: let's keep it simple and do the redirect. Re log-out: I think it's fine as long as the next time you load the main page it's logged out too.

[zebateira]

I suggest to revisit this after https://github.com/web3-storage/docs/pull/183 is merged (I still need to review it). Since the work on the nav bar to show the user auth state would be completely rewritten on the docusaurus port (vue vs react).

[JeffLowe]

Currently blocked until docs is complete on /docs route.

[JeffLowe]

Also @Codigo-Fuentes need to ensure that the top nav "Doc" links lead to the new route.

[JeffLowe]

Should reevaluate this after new web3 site launches

[JeffLowe]

closing this as not needed given new website launch (and the fact this req is tracked elsewhere)