[docs] How to setup Passwordless authentication #7650
Conversation
|
Wow, thank you for sharing the passwordless documentation! It's awesome! I did notice that the link-based approach may not work for users who check their emails on a phone and use the web platform on a computer. I think a code approach for passwordless could be a great alternative (or a very good addition). What do you think? Thanks again for your work! |
|
@Olyno I'm not sure how to set that up. I think that might be a great extra. I guess my question is, is this good enough for a cookbook? |
|
It looks good to me. I'll do a more thorough test early next week, and then I'll be able to give more concrete feedback on the documentation. I'm also waiting to see if anyone from the project wants to give feedback on it, it would be a great addition. |
|
Nice work @jacebenson! Thanks for putting this together. I'm all for making this a cookbook for now, rather than modifying dbAuth. I'm trying to keep dbAuth as simple as possible for as long as possible, and this article shows that you can extend its functionality without having to modify the Redwood codebase. So you've actually run this code and it works? It's been a while since I worked on dbAuth, but I thought it wouldn't even call the login handler unless the user's email/password matched against the Some questions/feedback:
Great work! |
|
@cannikin I'll make those changes. I wasn't trying to disparage dbAuth. I love it, I just want my hands as clean as possible. I'll reword the bit about "storing hashed passwords and salts" Regarding I need to remove the I'll add some screenshots throughout. I'll add a conclusion I am running this in production for a site I'm messing with but let me patch that SDL before I go linking things. My Todos;
|
…d loginToken from SDLs, Added some screenshots, and added a concusion
| let randomNumber = (() => { | ||
| let random = CryptoJS.lib.WordArray.random(6) | ||
| let randomString = random.toString() | ||
| let sixDigitNumber = randomString.replace(/\D/g, '') | ||
| if (sixDigitNumber.length < 6) { | ||
| sixDigitNumber = sixDigitNumber.padStart(6, '0') | ||
| } | ||
| if (sixDigitNumber.length > 6) { | ||
| sixDigitNumber = sixDigitNumber.slice(0, 6) | ||
| } | ||
| return sixDigitNumber.toString() | ||
| })() | ||
| console.log({ randomNumber }) // email the user this number |
There was a problem hiding this comment.
I'm not sure if this is a great way to do this, if there's a better way I'm all ears. It works.
There was a problem hiding this comment.
hmm, what does WordArray return, letters and numbers? Is it possible it could return all letters, which would end up getting replaced with all zeros? That wouldn't be ideal. haha Is there a function that just returns random numbers? If not, maybe generate a way longer WordArray to start, so you're much more likely to end up with 6 digits?
There was a problem hiding this comment.
Thank you for your patience. I tried to follow your cookbook, but without success. Would it be possible to have more information about some parts?
Note that I have only used Redwood a few times, so I think I can help with the use of the passwordless as a beginner.
| ### 2. Setting up the generateToken function | ||
| Next, we need to create a function that will generate a token and an expiration date. | ||
|
|
||
| If you followed the tutorial, you might not have a `/api/src/services/users/users.js` file. If that's the case, you can create it. |
There was a problem hiding this comment.
How do i get this file? Using the latest Redwood version (4.2.0), and following the tutorial to setup the authentication, i don't have this file generated
|
Hey @jacebenson it would be awesome if @Olyno can verify that everything works as written...sounds like they're having an issue in the previous comment? |
Added extra text around how to generate the users service file.
👍 Co-authored-by: Olyno <[email protected]>
This is just how I prefer it, but really it does not matter one way or the other to me. Co-authored-by: Olyno <[email protected]>
|
Looks good except for my couple comments above! |
|
16 replays were recorded for e4bd240.
|
I missed that. Good catch. Co-authored-by: Olyno <[email protected]>
|
@jacebenson it looks like you replied to everyone's comments. Are you just waiting for us and/or final review? @Olyno let me know if your review is approved. |
|
@thedavidprice I think so. Let me know what else I can do to help move this along. |
Removed a double "a".
|
Merged 🚀 Thanks, everyone! |
* passwordless rough * Updated how-to to reword the intro, use Crypto to gen. number, removed loginToken from SDLs, Added some screenshots, and added a concusion * Updated intro again * Update dbauth-passwordless.md Added extra text around how to generate the users service file. * Update docs/docs/how-to/dbauth-passwordless.md 👍 Co-authored-by: Olyno <[email protected]> * Update docs/docs/how-to/dbauth-passwordless.md This is just how I prefer it, but really it does not matter one way or the other to me. Co-authored-by: Olyno <[email protected]> * Updated file based on reviews * Added import needed for service file * Removed unused loading/error variables * replaced send send wth send * Update docs/docs/how-to/dbauth-passwordless.md I missed that. Good catch. Co-authored-by: Olyno <[email protected]> * Update dbauth-passwordless.md Removed a double "a". --------- Co-authored-by: Olyno <[email protected]> Co-authored-by: Rob Cameron <[email protected]> Co-authored-by: David Price <[email protected]>
|
I see some formatting issues with the post I made mistakes on I'can't seem to resolve the git differences in this branch locally, I forgot two `` in the third section, and I can't count so there's two |
#6204 is an issue that @cannikin and @Olyno were discussing setting up passwordless auth on. I'm not sure if this makes sense to modify how dbauth works (and that's not in the core-repo anymore anyway!) or if adding a how-to to just make it work.
But, I went ahead and made it work and thought I'd add a very rough PR adding these notes.
I created the following repo from teh tutorial and checked in after installing dbauth, and then again after forcing it to be passwordless.
https://github.com/jacebenson/redwood-dbauth-passwordless
I know this is a WIP, but i'd rather put it out there then let it be forgotten on me.