ian/directus-extension-external-jwt
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: add cache (#2)

Browse Source 
* ci: remove main workflow
ci: add pr workflow to branch next

* docs: correct readme
ci: add docker build on release
ci: add lint and test to release flow

* feat: add cache for both memory and redis
refactor: cleanup getAccountability nested promise
refactor: import path for get-auth-providers.ts
docs: document cache options
ci: add redis file to gitignore

* ci: use test:coverage for testing to update pr

---------

Co-authored-by: Krise <krise86@users.noreply.github.com>
This commit is contained in:
Kristoffer
2023-08-02 16:44:07 +02:00
committed by GitHub
parent aea5b84c41
commit 8f8ce1e02b
12 changed files with 284 additions and 97 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
README.md
View File

@@ -5,9 +5,15 @@ The plugin expects to resolve the following new configuration option
The provider must issues Access tokens as JWT since this is used for verification right now. Might add support for general tokens later.
## Configuration
all configuration options listed here are an extension to directus default config.
|AUTH_PROVIDER_TRUSTED| True | Must be true for the provider to be considered as trusted. Note, do not trust public providers as these can generate tokens that you cannot control.
|AUTH_PROVIDER_JWT_ROLE_KEY | String | What key in the JWT payload contains the role
|AUTH_PROVIDER_JWT_ADMIN_KEY | Boolean | What key in the JWT payload contains a bool to grant admin rights
|AUTH_PROVIDER_JWT_APP_KEY | Boolean | What key in the JWT payload contains a bool to allow app access
| ENV Variable | Supported values | Description |
|------------------------------|-------------------|--------------|
| AUTH_PROVIDER_TRUSTED | True/False | Must be true for the provider to be considered as trusted. Note, do not trust public providers as these can generate tokens that you cannot control.
| AUTH_PROVIDER_JWT_ROLE_KEY | String | What key in the JWT payload contains the role |
| AUTH_PROVIDER_JWT_ADMIN_KEY | String | What key in the JWT payload contains a bool to grant admin rights |
| AUTH_PROVIDER_JWT_APP_KEY | String | What key in the JWT payload contains a bool to allow app access
| AUTH_PROVIDER_JWT_USEDB | Bool | If enabled/true the plugin will resolve the user and roles from the directus database using the token. For OIDC the sub is used. Should not be used without a Redis Cache enabled.
| CACHE_JWT_NAMESPACE | String | What namespace to use in cache store.
| CACHE_JWT_TTL | Number | Time to live for the cached user entry, default 5000 (5 seconds)