Using ash_authentication for generic OAuth2 connections

I am using ash_auth for password/google registration/signup.

I was looking into also using it to let a user connect to a 3rd party service so I can track tokens, but I do NOT want to enable registration or signup for that.

This doesn’t seem to be a use case that ash auth currently allows. True? I should just use assent directly?

While it might be possible to make that work, I know that it was not designed/tested for that kind of use case. I think a case could be made that it can/should be added to ash_auth, but for now I’d assume it’s not on the table. Perhaps open an issue on the repo to track that as a feature request? I imagine that if I or @jimsynz want to do something similar that we’re going to want to reuse all the goodies in AshAuthentication instead of hand rolling it from scratch.

PRs welcome for this kind of feature, although I want to run it by @jimsynz as well 🙂

I think you’re right @zachdaniel - it’s authentication adjacent so not really something I had considered. However, if you set up registration for this 3rd party service (let’s call it “guthib”) you can modify the register_with_guthib create action to only work if the user already exists. That way you can still utilise the identity resource to keep track of their tokens and keep them fresh. It is a bit of a hack, and you’d have to manually implement your sign in UI so that it didn’t provide the guthib option to your users. I would welcome a PR that adds the ability to add identities to authenticated users.

Good luck!

It dawned on me after a bit of tinkering that ash_auth wasn’t gonna be the right approach anyway for me. I have a model where a User can be part of multiple Organizations, and I need to tie the refresh_tokens to a UserOrg, not a User. That was going to mean I would need to have the UserOrg also be an identity for ash_auth, which just wasn’t right (since I would be forced to define a strategy).

Ultimately, assent was like ~30 lines of code spread across the router, controller, and a tiny OAuth module. (Plus a new resource to store the tokens).

Thank you for the feedback!

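One way the Assent-only approach described in the post above could look, as an added example that is not the poster's code: a Phoenix controller that links a third-party OAuth2 account to an already signed-in user's UserOrg, with no registration or sign-in path. `MyApp`, `MyApp.Connections.fetch_user_org/2`, `MyApp.Connections.store_tokens/2`, the `guthib.example` endpoints, the environment variable names and the `current_user` assign set by an earlier authentication plug are all assumptions.

```elixir
defmodule MyAppWeb.ConnectController do
  # Added example. MyApp, MyApp.Connections and guthib.example are hypothetical.
  use MyAppWeb, :controller

  @strategy Assent.Strategy.OAuth2

  defp config do
    [
      client_id: System.fetch_env!("GUTHIB_CLIENT_ID"),
      client_secret: System.fetch_env!("GUTHIB_CLIENT_SECRET"),
      redirect_uri: Application.fetch_env!(:my_app, :guthib_redirect_uri),
      base_url: "https://guthib.example",
      authorize_url: "/oauth/authorize",
      token_url: "/oauth/token",
      user_url: "/api/user",
      auth_method: :client_secret_post
    ]
  end

  # Step 1: only a signed-in member of the UserOrg may start the flow.
  def request(conn, %{"user_org_id" => id}) do
    with {:ok, user_org} <- MyApp.Connections.fetch_user_org(conn.assigns.current_user, id),
         {:ok, %{url: url, session_params: sp}} <- @strategy.authorize_url(config()) do
      conn
      # Keep Assent's state value and the target UserOrg in the server-side session,
      # so the callback cannot be pointed at a different organization.
      |> put_session(:guthib_connect, %{session_params: sp, user_org_id: user_org.id})
      |> redirect(external: url)
    else
      _ -> send_resp(conn, 403, "forbidden")
    end
  end

  # Step 2: Assent compares the returned state with session_params, which rejects
  # a callback that this browser session did not initiate.
  def callback(conn, params) do
    conn = fetch_session(conn)
    pending = get_session(conn, :guthib_connect)
    conn = delete_session(conn, :guthib_connect)

    with %{session_params: sp, user_org_id: id} <- pending,
         # Re-check membership: it may have been revoked while the user was away.
         {:ok, user_org} <- MyApp.Connections.fetch_user_org(conn.assigns.current_user, id),
         {:ok, %{token: token}} <- @strategy.callback(Keyword.put(config(), :session_params, sp), params),
         {:ok, _} <- MyApp.Connections.store_tokens(user_org, token) do
      redirect(conn, to: "/")
    else
      _ -> send_resp(conn, 400, "connection failed")
    end
  end
end
```

The `token` map returned by Assent holds the provider's token response (for example `"access_token"` and `"refresh_token"`), so `store_tokens/2` is the place to encrypt those values before they are written to the token resource.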

Glad you found a solution that works for you!