Interaction between active login, passive login, and programmatically provided access token #55
Comments
|
Is there ever a case where a user might want to be logged in as two different users for the same backend, like two apps on the same page? |
Yes, it's not uncommon for people to have multiple accounts. |
|
We should figure this out and document it before we launch, even if we don’t yet provide controls to override the behavior. |
I would provide an option for this. For example, the access token for Google backends is short-lived (an hour only). So, in most cases, when we try to log the user in passively, it'll fail. It would be nice if we had an option (e.g.,
Seconded. I believe a console warning also makes sense here (additionally to the returned
+1
It seems that not every backend might call it Line 18 in b97a126 I would advocate for this to be the default behavior. However, I also believe that having an option (one of the standard constructor options, for example) to not call |
Working on #11 recently, I realized a lot of tricky cases where I'm not sure we have the best DX.
For context,
backend.login()supports two options:passive: If true, only try to log in with locally stored credentials, do not show any UI (false by default)accessToken(new): programmatically provided access token1. Does
backend.login()log the user out first?Maybe it depends on the settings?
IMO passive login should be graceful, we need to be able to call it multiple times with no side effects if a user is already logged in. So it should not log the user out in that case.
I’m less sure about the case where it's an active login and/or an access token is provided (which may or may not be valid).
2. What happens if the access token provided programmatically is invalid?
What should Madata do if the access token is invalid?
If we don't go with (3), what should happen next?
I see a few valid scenarios here:
3. Does a programmatically provided access token override stored credentials?
What should happen, if there's an access token in local storage? (i.e. passive login would succeed)
IMO 2: I see programmatically providing an access token as a more "active" form of login than using stored credentials, so if one is provided we should respect it. If calling code wants to use a programmatically provided access token as a fallback, they can try a passive login first, and then one where they provide the access token.
4. Do we always try to log in passively first?
What should happen?
I guess that's also related to 1 (do we log out first?).
Right now we seem to try passive login first, then …discard the result, so the only case where it makes a difference is if the user aborts the active login.
Note that there are two use cases here:
If we go with (1) (passive login first), the login button use case would require
backend.logout()first, otherwise it would result in weird bugs (though the end-user shouldn't be able to click the login button at all if they're logged in).If we go with (2), both use cases are still served with a one liner. The second one with the single
login()call, and the former like so:So it could go either way here.
Regardless of which way we go, we could also introduce new syntax to do the other thing. E.g. we may decide to have all three as separate: if you provide an access token, you just get authentication via an access token, if you specify that you want an active login, you just get that. But we could also have settings that attempt passive first, or passive as a fallback etc. Or we could introduce them at a later time, as sugar.
The text was updated successfully, but these errors were encountered: