-
-
Notifications
You must be signed in to change notification settings - Fork 2.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: Destroy session + introduce http
config
#7336
Conversation
The latest updates on your projects. Learn more about Vercel for Git ↗︎
3 Ignored Deployments
|
|
2203708
to
3e0f162
Compare
3e0f162
to
5ac1928
Compare
auth
config
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sounds good to me
Should we change the http: {
jwtSecret: "test",
cookieSecret: "test",
authCors: "...",
storeCors: "...",
authCors: "...",
compression: { ... }
} cc @srindom |
I think it can make sense 👍 jwt is really specific to auth but I am find with defining the config in a kind of layer approach |
I believe |
Done, let me know what you think :) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nice!
auth
confighttp
config
@shahednasser, would you be up for helping me ensure the documentation reflects these changes? 🙏 |
@olivermrbl yes thanks for letting me know! |
Btw. I still need to clean up after we decided to make all these changes breaking. Essentially, it means we won't be keeping any of the old secrets and configs that have been moved to |
Introduce
DELETE /auth/session
to destroy session, used for sign outshttp
config inprojectConfig
**This PR introduces a breaking change by replacing some existing configs with an
auth
property inprojectConfig
.We will go from
to
Additionally, an additional config
jwtExpiresIn
is introduced to control the expiry time of the issued JWT tokens. Default is 24 hours.In the future, we should consider supporting settings per scope and provider, but I don't think this is very important right now.