-
Notifications
You must be signed in to change notification settings - Fork 2
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
add support for auth (via email) #19
Conversation
5c0f157
to
252d565
Compare
9c19728
to
a4c1043
Compare
a4c1043
to
f394a91
Compare
@andrewkmin do you think we can consolidate recovery and auth under the same iframe? Conceptually they do the same thing?
Are there specific aspects of auth that require a separate iframe? Otherwise we can have a common domain for both. |
fc5fcb4
to
8e72eb3
Compare
This absolutely makes sense. Arguably the trickiest part in all this is naming 😄 between the two, I feel like both fall under the |
8e72eb3
to
120c81a
Compare
auth/index.html
Outdated
window.addEventListener("message", async function(event) { | ||
if (event.data && event.data["type"] == "INJECT_RECOVERY_BUNDLE") { | ||
if (event.data && event.data["type"] == "INJECT_CREDENTIAL_BUNDLE") { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't think we can break compatibility. Let's support both INJECT_RECOVERY_BUNDLE
and INJECT_CREDENTIAL_BUNDLE
? Old versions of our SDK will keep sending INJECT_RECOVERY_BUNDLE
for a while, and it doesn't cost us much to keep supporting this.
Dockerfile
Outdated
COPY auth /usr/share/nginx/auth | ||
COPY export /usr/share/nginx/export |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think we need to keep supporting recovery.turnkey.com. So let's "cheat":
COPY auth /usr/share/nginx/recovery
:)
README.md
Outdated
@@ -1,17 +1,22 @@ | |||
# Frames | |||
|
|||
This repository contains code for the recovery and export components of Turnkey. These components can be embedded as iframes by users to support end-users in recovery and export. | |||
This repository contains code for the recovery, export, and auth components of Turnkey. These components can be embedded as iframes by users to support end-users. | |||
|
|||
## Email Recovery |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Update the title to "Auth and Recovery"? (and delete the specific "auth" section)
We'll want to keep recovery.turnkey.com for compatibility but we should recommend people set auth.turnkey.com in both email recovery and auth flows.
Yeah I'm with you there! I'd say |
538749b
to
1f63a8e
Compare
@@ -863,7 +864,7 @@ <h2>Message log</h2> | |||
// TODO: find a way to filter messages and ensure they're coming from the parent window? | |||
// We do not want to arbitrarily receive messages from all origins. | |||
window.addEventListener("message", async function(event) { | |||
if (event.data && event.data["type"] == "INJECT_RECOVERY_BUNDLE") { | |||
if (event.data && (event.data["type"] == "INJECT_CREDENTIAL_BUNDLE" || event.data["type"] == "INJECT_RECOVERY_BUNDLE")) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
👏
auth/favicon.svg
Outdated
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We might need a different color than usual! Red? Purple?
Doesn't really matter in the end, not many people will visit these iframe as a standalone page.
- name: Publish Auth | ||
uses: cloudflare/pages-action@f0a1cd58cd66095dee69bfa18fa5efd1dde93bca #v1.5.0 | ||
with: | ||
apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN }} | ||
accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }} | ||
projectName: recovery | ||
directory: recovery | ||
projectName: auth | ||
directory: auth | ||
gitHubToken: ${{ secrets.GITHUB_TOKEN }} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Note: this will fail on the cloudflare side, I'll need to edit the project to be named "auth". done!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
wooooh 🎉 this looks great. love seeing recovery
-> auth
.
$title
Related: tkhq/sdk#169
This will require dns updates to have this hosted at a Turnkey subdomain.