Extension dropdown page auth login. about ai HOT 12 CLOSED

It was decided that we will use the user's PAT to log them in, sort of like the flow I mentioned here - #8 (comment). I can move forward with the same design I used in my submission, and maybe later when we have a consistent design system, we can edit everything.

from ai.

Are we adding a Signin with GitHub button, or using the PAT like we did in our demos? If we are integrating with OpenSauced auth, how can we go about doing that?

Generating and using a PAT for the extension is the safest all-round way of doing it, since ay extension mistakes or hijacking would be visible through token usage, however both methods can be explored for knowledge sharing purposes 🍕

from ai.

We can test **.github.com/** for redirect strings on beta

from ai.

Are we adding a Signin with GitHub button, or using the PAT like we did in our demos? If we are integrating with OpenSauced auth, how can we go about doing that?

from ai.

Okay, I can start working on this with PAT login.

from ai.

Here's an auth flow I made for my demo, let me know what can be improved, we haven't made a solid design decision yet too @Anush008

from ai.

@diivi, I've used Supabase's auth flow by redirecting to /auth/v1, followed by a check for the session-cookie. The session holds the auth-token for API calls.
https://user-images.githubusercontent.com/46051506/232797763-699ea9ac-fd09-4cbc-b25c-5c17a987e53b.gif

from ai.

@diivi, I've used Supabase's auth flow by redirecting to /auth/v1, followed by a check for the session-cookie. The session holds the auth-token for API calls

@0-vortex, what do you think of this, security-wise?
I'll try to look at the code once I have access to Anush's repo.

from ai.

@diivi, I've used Supabase's auth flow by redirecting to /auth/v1, followed by a check for the session-cookie. The session holds the auth-token for API calls

@0-vortex, what do you think of this, security-wise? I'll try to look at the code once I have access to Anush's repo.

IMHO we should set up that but on the development SupaBase, and try to enable another redirect url like https://**.github.com/** from the beta branch (of either insights or hot endpoints) - if that works it would simplify the log in by a lot 🍕

from ai.

IMHO we should set up that but on the development SupaBase, and try to enable another redirect url like https://**.github.com/** from the beta branch (of either insights or hot endpoints) - if that works it would simplify the log in by a lot

Can you help me understand how to set this up, like where I can learn more about how authentication currently works in OpenSauced? I did it through PATs and Anush did it by redirecting directly to the authentication URL, and then checking for the presence of an access token in the cookies.

from ai.

🎉 This issue has been resolved in version 1.0.0-beta.1 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀

from ai.

🎉 This issue has been resolved in version 1.0.0 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀

from ai.