AE
Ash Elixir3y ago
Bread

Fly.io deployment with ash_authentication

I'm trying to deploy the new version of my app with ash_authentication but I get an error at this line: 
signing_secret(Application.compile_env(:todoish, TodoishWeb.Endpoint)[:secret_key_base])
signing_secret(Application.compile_env(:todoish, TodoishWeb.Endpoint)[:secret_key_base])
invalid value for :signing_secret option: expected string, got: nil
invalid value for :signing_secret option: expected string, got: nil
I'm guessing this is because it's trying to grab the secret during compile time (could be wrong). I also tried using fetch_env! with the same results.
5 Replies
ZachDaniel
ZachDaniel3y ago
I don't think you want either of those. fetch_env! will fail at compile time if you don't have it set I'd suggest doing it the way that we do it in AshHq 
defmodule AshHq.Accounts.Secrets do
  @moduledoc "Secrets adapter for AshHq authentication"
  use AshAuthentication.Secret

  @github_secret_keys ~w(client_id client_secret redirect_uri)a

  def secret_for([:authentication, :tokens, :signing_secret], AshHq.Accounts.User, _) do
    Application.fetch_env(:ash_hq, :token_signing_secret)
  end

  def secret_for([:authentication, :strategies, :github, key], AshHq.Accounts.User, _)
      when key in @github_secret_keys do
    with {:ok, value} <- Application.fetch_env(:ash_hq, :github) do
      Keyword.fetch(value, key)
    end
  end
end
defmodule AshHq.Accounts.Secrets do
  @moduledoc "Secrets adapter for AshHq authentication"
  use AshAuthentication.Secret

  @github_secret_keys ~w(client_id client_secret redirect_uri)a

  def secret_for([:authentication, :tokens, :signing_secret], AshHq.Accounts.User, _) do
    Application.fetch_env(:ash_hq, :token_signing_secret)
  end

  def secret_for([:authentication, :strategies, :github, key], AshHq.Accounts.User, _)
      when key in @github_secret_keys do
    with {:ok, value} <- Application.fetch_env(:ash_hq, :github) do
      Keyword.fetch(value, key)
    end
  end
end
And then signing_secret AshHq.Accounts.Secrets
Bread
BreadOP3y ago
Hmm okay I'll give it a try. Thanks!
jart
jart3y ago
You will want the config in your prod.exs to just call System.get_env to get the secrets out of the environment.
Bread
BreadOP3y ago
Okay I've gotten it published! Thanks for the the help!
jart
jart3y ago
Congrats!

Did you find this page helpful?