Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(auth): refresh route and auth router refactor #4458

Merged
merged 20 commits into from
Sep 4, 2024
Merged

feat(auth): refresh route and auth router refactor #4458

merged 20 commits into from
Sep 4, 2024

Conversation

axiomofjoy
Copy link
Contributor

@axiomofjoy axiomofjoy commented Aug 30, 2024
edited
Loading

  • Refactors login and logout mutations to REST routes and updates frontend accordingly
  • Adds refresh route
  • Cleans up old files generated by Relay.

resolves #4433

@axiomofjoy axiomofjoy changed the base branch from main to auth August 30, 2024 17:29
@axiomofjoy axiomofjoy force-pushed the auth-router branch 4 times, most recently from 6f4058e to 3aa7a93 Compare September 3, 2024 22:37
@axiomofjoy axiomofjoy marked this pull request as ready for review September 4, 2024 02:01
@dosubot dosubot bot added the size:XXL This PR changes 1000+ lines, ignoring generated files. label Sep 4, 2024
mikeldking
mikeldking reviewed Sep 4, 2024
View reviewed changes
src/phoenix/server/api/routers/auth.py
password_is_valid = partial(
is_valid_password, password=password, salt=salt, password_hash=password_hash
)
if not await loop.run_in_executor(None, password_is_valid):
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

kinda confused by this. Why do you need to run in the loop here?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

computing the password hash is by design an expensive operation to mitigate against brute-force attacks. this is an optimization to run the computation in a background thread and yield control of the event loop while it is being computed.

axiomofjoy and others added 2 commits September 4, 2024 13:12
@axiomofjoy
cascade on delete
28b06f0
@axiomofjoy @mikeldking
improve login failure message
94ef4c0 
Co-authored-by: Mikyo King <mikyo@arize.com>
@axiomofjoy axiomofjoy merged commit 8c7499c into auth Sep 4, 2024
17 checks passed
@axiomofjoy axiomofjoy deleted the auth-router branch September 4, 2024 20:33
This was referenced Sep 4, 2024
Merged
Closed
@axiomofjoy axiomofjoy mentioned this pull request Sep 11, 2024
Closed
RogerHYang pushed a commit that referenced this pull request Sep 21, 2024
@axiomofjoy @anticorrelator @RogerHYang
feat(auth): refresh route and auth router refactor (#4458)
a7c53fe 
Co-authored-by: Dustin Ngo <dustin@arize.com>
This was referenced Sep 25, 2024
Merged
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mikeldking mikeldking mikeldking approved these changes

Assignees
No one assigned
Labels
size:XXL This PR changes 1000+ lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@axiomofjoy @mikeldking @anticorrelator