blitz
blitz copied to clipboard
blitz-js
BlitzAuth plugin onAuth hook
What do you want and why?
It would be amazing to add a onAuth function callback to BlitzAuth plugin for setting the user in i.e. sentry context on the server
Possible implementation(s)
AuthServerPlugin({
// ...
onAuth: (ctx: AuthenticatedMiddlewareCtx) => {
Sentry.setUser({ id: ctx.session.userId });
},
}),
and then in blitz-auth/src/server/auth-plugin.ts
const blitzSessionMiddleware: RequestMiddleware<
IncomingMessage,
ServerResponse & {blitzCtx: Ctx}
> = async (req, res, next) => {
console.log("Starting sessionMiddleware...")
if (!res.blitzCtx?.session) {
const session = await getSession(req, res)
options.onAuth?(session);
}
return next()
}
we currently have it implemented as a patch-package for the blitz (old blitz) that adds Sentry.setUser inside of the authorize resolver function, but this seams like a better option
Additional context
Maybe a better name than onAuth, i.e. onAuthMiddlware / afterAuth?
That's a great idea and that's something that we were thinking about already. The initial idea was to have "onSessionCreate", "onSessionDestroy" hooks. What do you think about this naming?
That might be useful for tracking/setting up some resources, but besides that I'd also add a onSessionVerify? / onAuthMiddlware or something similar to be called on every call specifically for logging / sentry / ...
Hmm, thinking about this again brings me to reconsider, since for error tracking usecase you only want to setup sentry context when user get's authenticated.
So I'd maybe add a onAuth hook to $authenticate method / authenticate resolver pipe? (this is how it's currently in out codebase)
