You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hi,
I'm using Guardian to perform authentication on some APIs. Those APIs are only responsible of verifying JWTs, so they just have access to the public key as those tokens are emitted and signed by a third party.
To support multitenancy, I have some code similar to this in my application (the :current_tenant in the conn gets populated by another upstream plug which in turn populates it based on the slug in the path):
and then I use MyApp.VerifyHeader instead of Guardian.Plug.VerifyHeader.
Now, all of this works for my specific usecase, but I feel that it would be nice to have something similar to the Guardian.Token.Jwt.SecretFetcher at the Plug level, so you could retrieve different secrets at runtime based on information contained in the Plug.
I assume this could be implemented as a behaviour where you have to implement the fetch_verifying_secret function, or you could pass an MFA to Guardian.Plug.VerifyHeader. I'd be interested on submitting a PR if you think this feature could be useful (in that case let me know which of the approaches you'd prefer).
The text was updated successfully, but these errors were encountered:
This issue has been automatically marked as "stale:discard". If this issue still relevant, please leave any comment (for example, "bump"), and we'll keep it open. We are sorry that we haven't been able to prioritize it yet. If you have any new additional information, please include it with your comment.
Hi,
I'm using Guardian to perform authentication on some APIs. Those APIs are only responsible of verifying JWTs, so they just have access to the public key as those tokens are emitted and signed by a third party.
To support multitenancy, I have some code similar to this in my application (the
:current_tenant
in theconn
gets populated by another upstream plug which in turn populates it based on the slug in the path):and then I use
MyApp.VerifyHeader
instead ofGuardian.Plug.VerifyHeader
.Now, all of this works for my specific usecase, but I feel that it would be nice to have something similar to the
Guardian.Token.Jwt.SecretFetcher
at the Plug level, so you could retrieve different secrets at runtime based on information contained in the Plug.I assume this could be implemented as a behaviour where you have to implement the
fetch_verifying_secret
function, or you could pass an MFA toGuardian.Plug.VerifyHeader
. I'd be interested on submitting a PR if you think this feature could be useful (in that case let me know which of the approaches you'd prefer).The text was updated successfully, but these errors were encountered: