Skip to content

feat(server:auth): add role to signToken #1131

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Aug 12, 2015
Merged

feat(server:auth): add role to signToken #1131

merged 1 commit into from
Aug 12, 2015

Conversation

Awk34
Copy link
Member

@Awk34 Awk34 commented Aug 5, 2015

add role as second parameter, and attach to jwt

closes #382

@Awk34
feat(server:auth): add role to signToken
2526ca5 
add role as second parameter, and attach to jwt

closes #382
@Awk34 Awk34 force-pushed the 382-signtoken-parameters branch from fae4869 to 2526ca5 Compare August 5, 2015 19:15
@Awk34 Awk34 added this to the 2.2.0 milestone Aug 5, 2015
@kingcody
Copy link
Member

kingcody commented Aug 6, 2015

No real issues with this, just curious why we don't roll the whole user.profile. Any thoughts?

@Awk34
Copy link
Member Author

Awk34 commented Aug 6, 2015

I think the jwt should stick to the more unchanging auth data. Role could
change more easily, but ID won't change and can be quickly used to get all
other data. Also, it keeps the size of the jwt small (since it's used in
every request).
On Aug 5, 2015 21:24, "Cody Mize" [email protected] wrote:

No real issues with this, just curious why we don't roll the whole
user.profile. Any thoughts?


Reply to this email directly or view it on GitHub
#1131 (comment)
.

@kingcody
Copy link
Member

kingcody commented Aug 6, 2015

In that case why include the role and not just correct the function usage signature?
(keeping the JWT small and restricted to unmutable data)

@Awk34
Copy link
Member Author

Awk34 commented Aug 8, 2015

We're not using it here yet, but I've seen other implementations with role. I think it's to aid in the speed of requests and auth checking

kingcody added a commit that referenced this pull request Aug 12, 2015
@kingcody
Merge pull request #1131 from DaftMonk/382-signtoken-parameters
50a7a98 
feat(server:auth): add role to signToken
@kingcody kingcody merged commit 50a7a98 into canary Aug 12, 2015
@kingcody kingcody mentioned this pull request Aug 12, 2015
Closed
@kingcody kingcody deleted the 382-signtoken-parameters branch August 26, 2015 08:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
3.0.0
Development

Successfully merging this pull request may close these issues.
2 participants
@Awk34 @kingcody