Jesse Williams Comments - Answer Overflow

Jesse Williams

•Created by Jesse Williams on 5/28/2025 in #support

Authenticating an SPA via graphql

I can see why though, policies for interacting with users are one of those things that could depend a lot on your application use case

49 replies

AEAsh Elixir

•Created by Jesse Williams on 5/28/2025 in #support

Authenticating an SPA via graphql

^ I was adding my own policies there. e.g.

policy action([:register, :sign_in]) do
  authorize_if always()
end

policy action([:register, :sign_in]) do
  authorize_if always()
end

(and removed the forbid_if always() policy) Definitely seems that the default policies are kinda optimizing for the use case of ash_authentication_phoenix

49 replies

AEAsh Elixir

•Created by Jesse Williams on 5/28/2025 in #support

Authenticating an SPA via graphql

probably a good idea, I'm notoriously bad at writing docs 😂

49 replies

AEAsh Elixir

•Created by Jesse Williams on 5/28/2025 in #support

Authenticating an SPA via graphql

Ah right

49 replies

AEAsh Elixir

•Created by Jesse Williams on 5/28/2025 in #support

Authenticating an SPA via graphql

Updating docs?

49 replies

AEAsh Elixir

•Created by Jesse Williams on 5/28/2025 in #support

Authenticating an SPA via graphql

Running into this on a personal project, gotta go do real work now 😂

49 replies

AEAsh Elixir

•Created by Jesse Williams on 5/28/2025 in #support

Authenticating an SPA via graphql

yup, cool. I'll submit a docs PR (might be a couple days ha)

49 replies

AEAsh Elixir

•Created by Jesse Williams on 5/28/2025 in #support

Authenticating an SPA via graphql

yeah, that's what I was thinking

49 replies

AEAsh Elixir

•Created by Jesse Williams on 5/28/2025 in #support

Authenticating an SPA via graphql

Based on the docs it seems like that was the intention. but as far as I can see there's no way to modify the conn except in the absinthe plug, which the ash dsl doesn't configure at all as of now. I think it might work to use modify_resolution to set some auth_token param somewhere in the resolution and then have code in my application that uses the absinthe plug's before_send option to grab that and set a cookie. It's possible that's what the docs were trying to communicate, they do link out to the section of the absinte plug docs about before_send after all. It'll be a bit before I can get back to experimenting with this but when I do I'll probably submit a PR with some more in-depth docs for how to accomplish this for future folks that may be trying to use cookies for this.

49 replies

AEAsh Elixir

•Created by Jesse Williams on 5/28/2025 in #support

Authenticating an SPA via graphql

Actually I'm realizing it's not so simple ha, since modifying the conn happens at the plug level (which is detached from the ash dsl).

49 replies

AEAsh Elixir

•Created by Jesse Williams on 5/28/2025 in #support

Authenticating an SPA via graphql

I'd be happy to try my hand at a PR that does this (assuming I'm correct in my understanding that the current DSL doesn't actually support it)

49 replies

AEAsh Elixir

•Created by Jesse Williams on 5/28/2025 in #support

Authenticating an SPA via graphql

Based on my limited understanding of absinthe, it seems like modifying the conn and modifying the resolution are 2 separate things (see here). I'm wondering if this should be a separate piece of the ash_graphql dsl, like before_send that can mess with the conn

49 replies

AEAsh Elixir

•Created by Jesse Williams on 5/28/2025 in #support

Authenticating an SPA via graphql

Hmm. The Absinthe.Resolution doesn't seem to have the conn in it at all 🤔

49 replies

AEAsh Elixir

•Created by Jesse Williams on 5/28/2025 in #support

Authenticating an SPA via graphql

Supposing I wanted the token to wind up in a cookie set by the server... is the only way to make my own resolver that sets the cookie on the connection?

49 replies

AEAsh Elixir

•Created by Jesse Williams on 5/28/2025 in #support

Authenticating an SPA via graphql

Oh awesome. This looks basically like what I was trying but I appear to have gotten the semantics slightly wrong haha. I was doing

    queries do
      read_one :sign_in_with_password, :sign_in_with_password do
        type_name :user_with_token
      end
    end

    queries do
      read_one :sign_in_with_password, :sign_in_with_password do
        type_name :user_with_token
      end
    end

using read_one instead of get with identity false. Technically the way I was doing it works but it winds up with a filter input which makes sense in terms of ash semantics but in terms of an actual sign in endpoint is bizarre so I was wondering if I was totally missing something. Seems like not, just a slight semantic difference. Thanks!

49 replies

AEAsh Elixir

•Created by Jesse Williams on 5/28/2025 in #support

Authenticating an SPA via graphql

I do!

49 replies

AEAsh Elixir

•Created by Jesse Williams on 5/28/2025 in #support

Authenticating an SPA via graphql

That seems more like how to set the actor assuming the token exists on the request (if I understand correctly) but I'm looking more for how to perform the sign in via gql

49 replies

AEAsh Elixir

•Created by Jesse Williams on 5/6/2025 in #support

Filtering by/selecting calculations when working with direct ecto queries

Not really all that bad, just felt like the sort of thing I had to at least attempt before just duplicating code 😅

11 replies

AEAsh Elixir

•Created by Jesse Williams on 5/6/2025 in #support

Filtering by/selecting calculations when working with direct ecto queries

Probably not worth it in my use case I'm gonna assume 😅

11 replies

AEAsh Elixir

•Created by Jesse Williams on 5/6/2025 in #support

Filtering by/selecting calculations when working with direct ecto queries

gotcha

11 replies

Gaming

Programming