
Auth Notes

starting the pocketbase as framework

plan

DONE start pocketbase

DONE add middlewares for cookie session

DONE add index page, that will have either "current user" or 'login' link

DONE let's add some content that only opens up when person is authed

DONE also, how do i logout?

separate route that deletes the cookie i guess. since auth is a jwt which would expire on its own and htmx get thingy, and reload i guess?

DONE 'login' link should open dialog with oauth providers

so, i want a window with available oauth providers, to trigger the js code from example https://pocketbase.io/docs/authentication/ ( all in one, recommended )

let's get configured providers in the go code, add as slice of strings, and in template create buttons for each of those with js code from the example

DONE in template range over enabled providers to create buttons for each

DONE make dialog show on click of some element

DONE i guess i would also like to send htmx event for reloading the page

on successful auth? now, why would logout work, and login not work?

eh, let's go back on body doing the hx-get on event?

maybe this is because of open dialog

wait, maybe then returning from other auth middlewares will work

no. for some reason

e.HttpContext.Response().Header().Add("HX-Trigger", "auth-change-event")

this header when returned with response to request triggered by js, doesn't result in event being triggered, ok, i guess

so yeah, uglier than i wanted

wanted to have hx-get="/" hx-trigger="auth-change-event" and send these events from all auth middleware methods

https://htmx.org/docs/#response-headers

but on auth success, even though header is present in the response, no event is triggered ( checked with event listener in console ) so, yup. coupling between js code of oauth, middlewares and body tag. this seems like too much.

but it somewhat works
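
htmx reads `HX-Trigger` only from responses to requests it issued itself, so a response to a plain `fetch` made by the OAuth JS code never raises the event. The following is an added example, not code from this project, that forwards the header manually: `parseHxTrigger`, `makeEvent`, `forwardHxTrigger` and the allow-list parameter are hypothetical names, and the response object in `demo` is constructed.

```javascript
// Added example, not the project's code. All function names are hypothetical.
// Parse an HX-Trigger value: either "evt1, evt2" or a JSON object {"evt": detail}.
function parseHxTrigger(value) {
  if (!value) return [];
  const text = value.trim();
  if (text.startsWith("{")) {
    try {
      return Object.entries(JSON.parse(text)).map(([name, detail]) => ({ name, detail }));
    } catch (err) {
      return []; // malformed JSON: dispatch nothing rather than guess names
    }
  }
  return text.split(",").map((s) => s.trim()).filter(Boolean)
    .map((name) => ({ name, detail: null }));
}

// Build a bubbling event; fall back to Event where CustomEvent is missing.
function makeEvent(name, detail) {
  if (typeof CustomEvent === "function") {
    return new CustomEvent(name, { bubbles: true, detail });
  }
  return Object.assign(new Event(name, { bubbles: true }), { detail });
}

// Dispatch the events named in a fetch Response's HX-Trigger header on `target`.
// Only allow-listed names are dispatched, so a response cannot raise arbitrary
// events on the page. Returns the names that were dispatched.
function forwardHxTrigger(response, target, allowed = ["auth-change-event"]) {
  const fired = [];
  for (const { name, detail } of parseHxTrigger(response.headers.get("HX-Trigger"))) {
    if (!allowed.includes(name)) continue;
    target.dispatchEvent(makeEvent(name, detail));
    fired.push(name);
  }
  return fired;
}

// Constructed demo: a stand-in for the response to the OAuth fetch call.
function demo() {
  const response = { headers: { get: (h) => (h === "HX-Trigger" ? "auth-change-event, other" : null) } };
  const target = new EventTarget(); // document.body in the browser
  const seen = [];
  target.addEventListener("auth-change-event", (e) => seen.push(e.type));
  target.addEventListener("other", (e) => seen.push(e.type));
  forwardHxTrigger(response, target);
  return seen; // only the allow-listed event reaches listeners
}
```

In the browser the target would be `document.body`, so an element with `hx-trigger="auth-change-event from:body"` picks the event up.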

DONE add one more page that checks auth

and let's use existing middleware from framework documentation

with hx-boost things are well, but i also need header as fragment, so that opening in new tab would work. and all js imports and libraries that are required by all pages, should be in all templates

DONE i suppose there has to be a base template then

and now all since base template has Nav, i need to provide attributes which are used there, huh well. hmmmmm. yeah, i guess

DONE add tailwind styling

and wgo command should move from

            wgo -file=.gohtml -file=.go go run . serve

to

            wgo -verbose -file=.go -file=.gohtml -file=tailwind.config.js tailwindcss -i ./pages/input.css -o pages/static/public/out.css :: go run . serve

DONE style pages

DONE style dialog

DONE i guess i'll want a makefile?

then wgo could be build with makefile and run and nix packaging could be more straightforward, and not too prohibitive to those who don't use nix

it seems that with Makefile i could have go code depend on tailwind output

and not have other way around, it should speed up the restart of the service in cases where only go code has changed.

also - i think i can have different build and run for go code, so yeah

some helpful things:

https://makefiletutorial.com/

example of things for go https://earthly.dev/blog/golang-makefile/ https://www.alexedwards.net/blog/a-time-saving-makefile-for-your-go-projects and i guess i could also search online for tailwindcss Makefile examples and tips

DONE package static into single binary

i guess already done?

DONE write nix build

and it should be even easier with a Makefile?

https://ryantm.github.io/nixpkgs/stdenv/stdenv/

simple stdenv.mkDerivation calls generic builder which uses Makefile

now i have a problem with using go build in a homeless-shelter

            failed to initialize build cache at /homeless-shelter/.cache/go-build: mkdir /homeless-shelter: permission denied

well, especially with go.mod dependencies i'd need to use buildGoModule

but

            [efim@chunky:~/Documents/personal/go-learning/auth-pocketbase-attempt]$ ./result/bin/auth-pocketbase-attempt serve
            2023/10/07 04:05:56 mkdir result/bin/pb_data: read-only file system

so, i need to pass some place in tmp? this is probably pocketbase settings, hopefully as command line argument

https://nixos.org/manual/nixpkgs/stable/#sec-language-go https://nixos.wiki/wiki/Go

so, if i call executable from somewhere, it looks for pb_data in current directory

but then for some reason

            [efim@chunky:~/Documents/personal/go-learning/auth-pocketbase-attempt]$ ./result/bin/auth-pocketbase-attempt serve
            2023/10/08 06:37:19 mkdir result/bin/pb_data: read-only file system

here it tries to init pb_data near the binary

this works:

            [efim@chunky:~/Documents/personal/go-learning/auth-pocketbase-attempt]$ ./result/bin/auth-pocketbase-attempt serve dir=./pb_data

oh, i don't need to specify location of migrations.

because they are static. and should be just present in the nix store

and dir is already built in. nice

well, i don't see any pb_migrations in my project directory even though, i'm creating and updating the table maybe it's all in pb_data now?

if not - i'll need to add something like

            postBuild = ''
              cp pb_migration $out/bin/pb_migration
            '';

so, if using as framework migrations are not automatically enabled?

https://github.com/pocketbase/pocketbase/discussions/2218

https://pocketbase.io/docs/go-migrations/#enable-go-migrations The prebuilt executable enables the migrate command by default, but when you are extending PocketBase with Go you have to enable it manually

now `nix build` produces the binary capable of running the site

and

./result/bin/auth-pocketbase-attempt serve --dir=./pb_data

is what i need for it to pick up pb_data from work directory, cool

TODO write nixos module

need to pass data and migration location as params and address on which to serve, cool i suppose but also nginx settings at the same time

this is behavior of specifying the host and port:

            [efim@chunky:~/Documents/personal/go-learning/auth-pocketbase-attempt]$ sudo ./result/bin/auth-pocketbase-attempt serve --https=127.0.0.1:8090 --dir=./pb_data
            2023/10/08 12:58:04 Server started at https://127.0.0.1:8090
            ├─ REST API: https://127.0.0.1:8090/api/
            └─ Admin UI: https://127.0.0.1:8090/_/
            ^C
            [efim@chunky:~/Documents/personal/go-learning/auth-pocketbase-attempt]$ sudo ./result/bin/auth-pocketbase-attempt serve 127.0.0.1:8090 dir=./pb_data
            2023/10/08 12:58:15 Server started at https://127.0.0.1:8090
            ├─ REST API: https://127.0.0.1:8090/api/
            └─ Admin UI: https://127.0.0.1:8090/_/
            ^C
            [efim@chunky:~/Documents/personal/go-learning/auth-pocketbase-attempt]$ sudo ./result/bin/auth-pocketbase-attempt serve http=127.0.0.1:8090 dir=./pb_data
            2023/10/08 12:58:20 Server started at http://127.0.0.1:8090
            ├─ REST API: http://127.0.0.1:8090/api/
            └─ Admin UI: http://127.0.0.1:8090/_/

by default - if host is present, serving on https.

cool

oh, but if i'm using nginx i'll need my own certificate, that makes sense

maybe things are ok?

let's try to plaintext deploy?

TODO add docker image from nix

TODO add cli for port and host

TODO add readme and comments

TODO configure tls / ssl / https on franzk deployment

can it be configured on render.com?

TODO maybe add middleware so that 401 would be a page, and not json

TODO get icons for the auth providers. surely they are accessible from the pocketbase itself?

http://localhost:8090/_/images/oauth2/apple.svg yes.

TODO figure out and enable migrations

https://pocketbase.io/docs/go-migrations/#enable-go-migrations

if i understood correctly, when i enable migration generation i would be able to modify locally run instance via admin interface, go files with migration would be generated, i'll have to import them somewhere in my main module, and then after building/packaging when i run `serve` on production the migrations would run on the production data