docs: guide on keeping authentication/roles tables in the same database


As discussed in other issues like #1446, most applications will use the same database for User and other tables, thus the authentication server will share access to the same database with the Hasura backend. So it would be good to have an optional built-in authentication endpoint in the Hasura GraphQL engine.

One option is to have a customizable authenticate function similar to what Graphile uses in a Postgres DB.

Issue Analytics

  • State: open
  • Created: 5 years ago
  • Reactions: 17
  • Comments: 10 (4 by maintainers)

Top GitHub Comments

9 reactions
heyrict commented, Mar 22, 2019

@coco98 Thank you for your clarification. I have edited the issue message to avoid confusion.

The reason I opened this issue is that I found it inconvenient to get a working authentication server, especially for new Hasura users.

To clarify, the current authentication process is:

  • set up Hasura
  • design the database in the Hasura console
  • set up auth-server
  • customize auth-server to fit the database you designed (this step is not starter-friendly)

While what I think will be more convenient is:

  • set up Hasura
  • design the database in the Hasura console
  • select the authentication logic in the Hasura console

I don’t know if implementing an integrated authentication will be difficult, but I think it is a good choice and worth discussion.

6 reactions
richcorbs commented, Aug 23, 2019

I would like to +1 this feature request for an opt-in postgraphile-like basic authentication function inside of Hasura (and other supporting functions like password change and user creation with password), for the following reasons:

  • At the stage my project is in I don’t want to maintain a separate server or integration with a 3rd party for auth/JWT. Nor does my project have a need for advanced features.
  • The speed of Hasura adoption would increase dramatically. Hasura would be even more game-changing than it already is!
  • When a project gets to the point where basic auth isn’t enough it can grow into more advanced solutions. It seems like a natural progression. Not every project needs (or knows it needs) advanced features.
  • Having the option to use a basic authentication function opens up a lot of possibilities for projects that are just getting started and doesn’t bind them to the more advanced solution.
  • Postgraphile has proven that an authentication function is doable.

Honest question: In a JWT solution “secure cookies” are not a concern, correct?

I think I would be happy with either JWT-based or session-based solution as long as I had access to the user attributes in the permissions tab.

Thanks for letting me chime in. 😃
