-
Notifications
You must be signed in to change notification settings - Fork 114
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Per-request scoped scope #118
Comments
It seems like the best thing to do would probably be to change
This way all of the internals could be changed to turn the string into a hash unobtrusively. It would be a new opt-in feature from the existing api user's perspective. Would you accept such a change? |
Hmm, yes I see what you're saying, currently to pass per-request authentication settings you would need to set something on the request (or response) so that it could be used in facebook.authenticate etc. I think that we could achieve this with minimal changes, using the existing APIs;
Thoughts? |
To help me understand a little better. The new call would look like this?
|
Bump. Did I understand you correctly or not? From what I saw in the code I think that it would be less work and cleaner to change the signature to this, but maybe I missed something.
|
Sorry, I meant, something like: req.authenticate( 'facebook', { "facebook" : { scope: ["email", "birthday"] } } , cb) That middle argument hash already exists on the API, just needs plumbing through, however it isn't as clean as your suggestion, in this scenario. (there's an unfortunate collision here between the already supported 'scope' property on that hash and facebook's scope :) |
Maybe I'm just not understanding something, but it seems that you can only define the scope-to-be-used inside the strategy as an all-or-nothing deal when the strategy is created.
I'd like to be able to have my app request scopes by degrees - just getting the scope that's needed exactly when it's needed - like facebook encourages.
I'm trying to think of a way to add this feature without breaking anything. Maybe adding an options hash after the callback?
What would you suggest?
The text was updated successfully, but these errors were encountered: