May 15, 2022•276 words
Total hours: 238.450
1) Auth0 Logout Flow Design
I’ve done a really good job and actually collapsed everything underneath one endpoint. I’ve moved away from user to operator. Operator is someone that controls something. A user is used. Gaya’s built from the ground up with a different but subtle mindset. This mindset is critical in ensuring the project remains for the operator and not for the user.
I’m not here to manipulate, I’m here to create something that can help join things together. The authentication occurs under /operator/session/establish and /operator/session/disconnect
So what happens is that if you go to /operator/session (in a few days, these changes haven’t been pushed to remote yet). It’ll automatically redirect you to /operator/session/establish if you’re not authenticated. Once you’re authenticated it’ll bop you back to /operator/session/establish/callback. This callback extracts the profile and ties to the local state.
Once you’ve been authenticated you know can access /operator/session stuff.
To disconnect it goes thru a similar flow. The reason that there’s the /operator/session/disconnect/callback is to ensure that any message flashes that are needed can be intercepted and handled here. This is because a flash may not survive a double redirection and this ensures that the message is properly routers!!
2) Documentation Update
Pretty minor stuff here
3) Update CI
The CI now supports all of the required special deployment requirements along with updating the build process. The build process now properly supports all the core parts.
The biggest part is the non flexible authentication provider link. I need to ensure that the allowed callback and start flow match URL directly for the already discussed security implications.