Version 4.0.0 of AshAuthentication adds support for Ash 3.0 and in line with a number of changes in Ash there are some corresponding changes to Ash Authentication:
-
Token generation is enabled by default, meaning that you will have to explicitly set
authentication.tokens.enabled?tofalseif you don't need them. -
Sign in tokens are enabled by default in the password strategy. What this means is that instead of returning a regular user token on sign-in in the user's metadata, we generate a short-lived token which can be used to actually sign the user in. This is specifically to allow live-view based sign-in UIs to display an authentication error without requiring a page-load.
As of version 3.6.0 the TokenResource extension adds the subject attribute
which allows us to more easily match tokens to specific users. This unlocks
some new use-cases (eg sign out everywhere).
This means that you will need to generate new migrations and migrate your database.
If you already have tokens stored in your database then the migration will likely throw a migration error due to the new
NOT NULLconstraint onsubject. If this happens then you can either delete all your tokens or explicitly add thesubjectattribute to your resource withallow_nil?set totrue. eg:attributes do attribute :subject, :string, allow_nil?: true end
- Run
mix ash_postgres.generate_migrations --name=add_subject_to_token_resource - Run
mix ash_postgres.migrate - 🎉