local-it/mitgliederverwaltung
2
3
Fork 0
Code Issues 51 Pull requests 13 Projects 1 Releases Packages 1 Activity Actions

Explicitly require ash authentication settings

Browse source 
Previously, we'd rely on defaults for configuring user token
authentication. With these changes, we explicitly require
:session_identifier and :require_token_presence_for_authentication to be
configured in the application environment to make sure the system is
configured the way it should be.
This commit is contained in:
Rafael Epplée 2025-09-11 11:49:23 +02:00
parent 96085ea420
commit a3746dfaaa
No known key found for this signature in database
GPG key ID: B4EFE6DC59FAE118
1 changed files with 3 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

7
lib/accounts/user.ex
View file

@ -19,16 +19,15 @@ defmodule Mv.Accounts.User do
Currently password and SSO with Rauthy as OIDC provider
"""
authentication do
session_identifier Application.compile_env(:mv, :session_identifier, :jti)
session_identifier Application.compile_env!(:mv, :session_identifier)
tokens do
enabled? true
token_resource Mv.Accounts.Token
require_token_presence_for_authentication? Application.compile_env(
require_token_presence_for_authentication? Application.compile_env!(
:mv,
:require_token_presence_for_authentication,
false
:require_token_presence_for_authentication
)
store_all_tokens? true