I’m happy to announce StippleUsers.jl - a middle layer for user authorisation in the GenieFramework.
What does it do?
It predefines and exports functions get_user(), get_roles(), is_authorised() which can be called in a route before delivering the page to the user.
These functions need to be specialised for the application(s) of the user. They are predefined in a way to grant access to anyone. - More details are found in the README of the repository.
Why is it useful?
Each application is different in how authentication is performed and how user roles are granted. You may have a docker container running in Snowflake where the authentication is done via Microsoft, you may setup your own Google Authenticator and have your own user database via GenieAuthorisation.
As soon as you have certain pages that only prviledged users can access, you want to make sure that the user is really priviledged. With this framework that part always looks the same, it’s get_user() to retrieve the user’s name, it’s get_roles() to retrieve the user’s roles and it’s is_authorised(role = "user").
The only thing you have to do is to define how these functions look like in your particular case. Then you just say using StippleUsers in each route and you have your functions at hand in each module that needs it. For a single page scenario this doesn’t make a big difference, but if you have multiple pages it is a pain to import all required functions from a local module in each of the pages.
Now the functions always sit at the same place. And migration to a different host is a snap of your fingers. You simply adapt your definition at one place of the app and all your pages work without any further adaptation.
Imagine you have one admin page that you want to use in all of your applications. You just copy it, independent of how your app handles authorisation.