Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: Improved toolbar authentication (with support for CLI) #22295

Draft
wants to merge 52 commits into
base: master
Choose a base branch
from
Draft

feat: Improved toolbar authentication (with support for CLI) #22295

wants to merge 52 commits into from

Conversation

benjackwhite
Copy link
Contributor

@benjackwhite benjackwhite commented May 15, 2024
edited
Loading

Problem

For the CLI hackathon - adds a secure flow for passing a jwt to the cli to be used.

The outcome of this made me think that we could use this for the toolbar as well, improving the auth flow for it and potentially allowing solutions that don't work well with the hash param state (via posthog.loadToolbar() )

WARNING - As this is auth related we should think slowly before we merge. For now we can demo the tool on this PR.

Changes

  • Adds a new auth flow for exhanging a token in a non-interactive way
  • Removes TemporaryTokenAuthentication in favour of the new JWT based flow

TODO

  • Add scopes support to the token generation
  • Add scopes to the authorizer redirect
  • Load projects from the API so that we can correctly get the projectId for a given token
  • Ensure only authorizedUrls work for the toolbar
  • Change API calls to use the speciied project ID and not the @current thing
  • Ensure only the necessary project for the token is scoped
  • Fix embedded heatmaps
  • Figure out expiry
  • Add elements and heatmaps project specific endpoints

👉 Stay up-to-date with PostHog coding conventions for a smoother review.

Does this work well for both Cloud and self-hosted?

How did you test this code?

@github-actions github-actions bot temporarily deployed to pr-feat/cli-auth May 15, 2024 16:25 Destroyed
@benjackwhite
Merge branch 'master' into feat/cli-auth
8743bae 
# Conflicts:
#	posthog/api/user.py
@github-actions github-actions bot temporarily deployed to pr-feat/cli-auth May 21, 2024 11:21 Destroyed
@benjackwhite benjackwhite removed the request for review from danielxnj May 22, 2024 09:18
@benjackwhite
wip
4838600
@benjackwhite
fix
1722b58
@benjackwhite
Merge branch 'feat/toolbar-auth-v2' into feat/cli-auth
2ac59d1 
# Conflicts:
#	posthog/api/__init__.py
#	posthog/api/client_auth.py
#	posthog/api/routing.py
#	posthog/jwt.py
#	posthog/urls.py
@benjackwhite
Fixes
47f248f
@benjackwhite
Swapped over to using access token
d5ef83c
@marandaneto
Copy link
Member

I will close #22321 in favor of this one

@posthog-bot
Copy link
Contributor

📸 UI snapshots have been updated

2 snapshot changes in total. 0 added, 2 modified, 0 deleted:

  • chromium: 0 added, 2 modified, 0 deleted (diff for shard 1)
  • webkit: 0 added, 0 modified, 0 deleted

Triggered by this commit.

👉 Review this PR's diff of snapshots.

@posthog-bot
Copy link
Contributor

📸 UI snapshots have been updated

2 snapshot changes in total. 0 added, 2 modified, 0 deleted:

  • chromium: 0 added, 2 modified, 0 deleted (diff for shard 1)
  • webkit: 0 added, 0 modified, 0 deleted

Triggered by this commit.

👉 Review this PR's diff of snapshots.

@posthog-bot
Copy link
Contributor

📸 UI snapshots have been updated

1 snapshot changes in total. 0 added, 1 modified, 0 deleted:

  • chromium: 0 added, 1 modified, 0 deleted (diff for shard 2)
  • webkit: 0 added, 0 modified, 0 deleted

Triggered by this commit.

👉 Review this PR's diff of snapshots.

@posthog-bot
Copy link
Contributor

📸 UI snapshots have been updated

1 snapshot changes in total. 0 added, 1 modified, 0 deleted:

  • chromium: 0 added, 1 modified, 0 deleted (diff for shard 2)
  • webkit: 0 added, 0 modified, 0 deleted

Triggered by this commit.

👉 Review this PR's diff of snapshots.

@posthog-bot
Copy link
Contributor

This PR hasn't seen activity in a week! Should it be merged, closed, or further worked on? If you want to keep it open, post a comment or remove the stale label – otherwise this will be closed in another week.

@posthog-bot
Copy link
Contributor

This PR hasn't seen activity in a week! Should it be merged, closed, or further worked on? If you want to keep it open, post a comment or remove the stale label – otherwise this will be closed in another week.

@benjackwhite benjackwhite added waiting Prevents stale-bot from marking the PR as stale. and removed stale labels Jun 18, 2024
@benjackwhite benjackwhite mentioned this pull request Dec 13, 2024
Open
benjackwhite and others added 10 commits December 13, 2024 16:20
@benjackwhite
Merge branch 'master' into feat/cli-auth
49f1ad0 
# Conflicts:
#	frontend/src/lib/components/HedgehogBuddy/hedgehogBuddyLogic.ts
#	frontend/src/scenes/appScenes.ts
#	frontend/src/scenes/sceneTypes.ts
#	frontend/src/scenes/scenes.ts
#	frontend/src/toolbar/bar/Toolbar.tsx
#	posthog/api/__init__.py
#	posthog/api/action.py
#	posthog/api/feature_flag.py
#	posthog/api/personal_api_key.py
#	posthog/api/routing.py
#	posthog/api/team.py
#	posthog/api/test/dashboards/__snapshots__/test_dashboard.ambr
#	posthog/api/test/notebooks/__snapshots__/test_notebook.ambr
#	posthog/api/user.py
#	posthog/jwt.py
#	posthog/models/user.py
#	posthog/permissions.py
#	posthog/session_recordings/test/__snapshots__/test_session_recordings.ambr
#	posthog/tasks/test/__snapshots__/test_process_scheduled_changes.ambr
@benjackwhite
Fixes
14049d8
@benjackwhite
Fixes
1768c6b
@benjackwhite
Fixes
f4916cc
@benjackwhite
Fixed up scopes to come from the same place
6c438fd
@github-actions
Update query snapshots
3ff5b8a
@benjackwhite
Fies
01753a6
@benjackwhite
Merge branch 'feat/cli-auth' of github.com:PostHog/posthog into feat/…
6eb2e2c 
…cli-auth
@benjackwhite
Fixes
7706e59
@github-actions
Update UI snapshots for chromium (2)
cf4708c
@posthog-bot
Copy link
Contributor

📸 UI snapshots have been updated

12 snapshot changes in total. 0 added, 12 modified, 0 deleted:

  • chromium: 0 added, 12 modified, 0 deleted (diff for shard 2)
  • webkit: 0 added, 0 modified, 0 deleted

Triggered by this commit.

👉 Review this PR's diff of snapshots.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@marandaneto marandaneto marandaneto left review comments

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
waiting Prevents stale-bot from marking the PR as stale.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@benjackwhite @marandaneto @posthog-bot @danielxnj