See:
- The current hooks API ref
- The current hooks guide
- The PR that added auth hooks (I thought there'd be more relevant discussion in here but there isn't really)
Currently:
keystone.createAuthStrategy({
type: PasswordAuthStrategy,
list: 'User',
hooks: {
resolveAuthInput: async (...) => {...},
validateAuthInput: async (...) => {...},
beforeAuth: async (...) => {...},
afterAuth: async (...) => {...},
beforeUnauth: async (...) => {...},
afterUnauth: async (...) => {...},
},
});We now have more potential auth-related operations:
authenticate(existing)unauthenticate(existing)createInitialItemsendPasswordResetLinkredeemPasswordResetLinksendMagicAuthLinkredeemMagicAuthLink
(See existing operations.)
- We don't need hooks for the
createInitialItemoperation, it's once off- Or.. is this how we collect metrics from the demo projects?
- We should maintain the separation between "resolve" (can modify
resolvedData) AND "validate" (can add validation errors) for auth hooks - We should reuse the existing
resolveAuthInputandvalidateAuthInputfunctions for the new auth operations (as we do with update/create)
So usage becomes something like...?
keystone.createAuthStrategy({
type: PasswordAuthStrategy,
list: 'User',
hooks: {
resolveAuthInput: async (...) => {...},
validateAuthInput: async (...) => {...},
beforeAuth: async (...) => {...},
afterAuth: async (...) => {...},
beforeUnauth: async (...) => {...},
afterUnauth: async (...) => {...},
beforeSendPasswordResetLink: async (...) => {...},
afterSendPasswordResetLink: async (...) => {...},
beforeRedeemPasswordResetLink: async (...) => {...},
afterRedeemPasswordResetLink: async (...) => {...},
beforeSendMagicAuthLink: async (...) => {...},
afterSendMagicAuthLink: async (...) => {...},
beforeRedeemMagicAuthLink: async (...) => {...},
afterRedeemMagicAuthLink: async (...) => {...},
},
});