go-ssr-pocketbase-oauth-attempt-github-mirror/auth-notes.org

Auth Notes

• starting the pocketbase as framework
• plan
  • start pocketbase
  • add middlewares for cookie session
  • add index page, that will have either "current user" or 'login' link
    • let's add some content that only opens up when person is authed
    • also, how do i logout?
  • 'login' link should open dialog with oauth providers
    • in template range over enabled providers to create buttons for each
    • make dialog show on click of some element
  • i guess i would also like to send htmx event for reloading the page
    • wait, maybe then returning from other auth middlewares will work
    • so yeah, uglier that i wanted
  • add one more page that checks auth
  • i suppose there has to be a base template then
  • add tailwind styling
    • style pages
    • style dialog
  • i guess i'll want a makefile?
    • it seems that with MakeFile i could have go code depend on tailwind output
    • allright, it looks like people also do that
    • some helpful things:
  • package static into single binary
  • write nix build
  • write nixos module
  • add docker image from nix
    • add cli for port and host
  • add readme and comments
  • configure tls / ssl / https on franzk deployment
  • maybe add middleware so that 401 would be a page, and not json
  • get icons for the auth providers. surely they are accessible from the pocketbase itself?

starting the pocketbase as framework

https://pocketbase.io/docs/go-overview/

plan

DONE start pocketbase

DONE add middlewares for cookie session

DONE add index page, that will have either "current user" or 'login' link

DONE let's add some content that only opens up when person is authed

DONE also, how do i logout?

separate route that deleted the cookie i guess. since auth is a jwt which would expire on its own and htmx get thingy, and reload i guess?

DONE 'login' link should open dialog with oauth providers

so, i want a window with available oauth providers, to trigger the js code from example https://pocketbase.io/docs/authentication/ ( all in one, recommended )

let's get configured providers in the go code, add as slice of strings, and in template create buttons for each of those with js code from the example

DONE in template range over enabled providers to create buttons for each

DONE make dialog show on click of some element

https://developer.mozilla.org/en-US/docs/Web/HTML/Element/dialog

DONE i guess i would also like to send htmx event for reloading the page

on successful auth? now, why would logout work, and login not work?

eh, let's go back on body doing the hx-get on event?

maybe this is because of open dialog

wait, maybe then returning from other auth middlewares will work

no. for some reason

e.HttpContext.Response().Header().Add("HX-Trigger", "auth-change-event")

this header when returned with response to request triggered by js, doesn't result in event being triggered, ok, i guess

so yeah, uglier that i wanted

wanted to have hx-get="/" hx-trigger="auth-change-event" and send these events from all auth middleware methods

https://htmx.org/docs/#response-headers

but on auth success, even though header is present in the response, no event is triggered ( checked with event listener in console ) so, yup. coupling between js code of oauth, middlewares and body tag. this seems like too much.

but it somewhat works

DONE add one more page that checks auth

and let's use existing middleware from framework documentation

with hx-boost things are well, but i also need header as fragment, so that opening in new tab would work. and all js imports and libraries that are required by all pages, should be in all templates

DONE i suppose there has to be a base template then

and now all since base template has Nav, i need to provide attibutes which are used there, huh well. hmmmmm. yeah, i guess

DONE add tailwind styling

and wgo command should move from wgo -file=.gohtml -file=.go go run . serve

to wgo -verbose -file=.go -file=.gohtml -file=tailwind.config.js tailwindcss -i ./pages/input.css -o pages/static/public/out.css :: go run . serve

DONE style pages

DONE style dialog

DONE i guess i'll want a makefile?

then wgo could be build with makefile and run and nix packaging could be more straightforward, and not too prohibitive to those who don't use nix

it seems that with MakeFile i could have go code depend on tailwind output

and not have other way around, it should speed up the restart of the service in cases where only go code has changed.

also - i think i can have different build and run for go code, so yeah

allright, it looks like people also do that

https://www.alexedwards.net/blog/a-time-saving-makefile-for-your-go-projects

some helpful things:

https://makefiletutorial.com/

example of things for go https://earthly.dev/blog/golang-makefile/ https://www.alexedwards.net/blog/a-time-saving-makefile-for-your-go-projects and i guess i could also search online for tailwindcss Makefile examples and tips

DONE package static into single binary

i guess already done?

TODO write nix build

and it should be even easier with a Makefile?

TODO write nixos module

TODO add docker image from nix

TODO add cli for port and host

TODO add readme and comments

TODO configure tls / ssl / https on franzk deployment

can it be configured on render.com?

TODO maybe add middleware so that 401 would be a page, and not json

TODO get icons for the auth providers. surely they are accessible from the pocketbase itself?

yes.