You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In release v1.18.0 we have made some large refactors to our code to simplify and improve the authentication logic.
Authentication now works as follows on each endpoint, if failing, it will continue to the next stage:
Check if the table is open to the public via the _llana_public_tables and ensure the endpoint matches the access_level granted
Check if the database is open via the SKIP_AUTH .env flag
Authenticate the user
Performs the role-based checks via the llana_roles table
I have dropped support for _llana_auth, which was confusing to administrate and handle via our codebase.
I have introduced the allowed_fields option for role-based support, which allows you to specify which fields can be returned to users based on their role.
I added many more tests around role-based permissions to ensure they are respected.
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
Hi Guys,
In release v1.18.0 we have made some large refactors to our code to simplify and improve the authentication logic.
Authentication now works as follows on each endpoint, if failing, it will continue to the next stage:
_llana_public_tablesand ensure the endpoint matches theaccess_levelgrantedSKIP_AUTH.env flagllana_rolestableI have dropped support for
_llana_auth, which was confusing to administrate and handle via our codebase.I have introduced the
allowed_fieldsoption for role-based support, which allows you to specify which fields can be returned to users based on their role.I added many more tests around role-based permissions to ensure they are respected.
Beta Was this translation helpful? Give feedback.
All reactions