Add Logout Feature + Sessions

[nelsonic]

• Create migration to add app_id, auth_provider and person_id (ref) to sessions table for Create /logout endpoint #158 / rel: [Epic] Session Management #30
• Add basic session management [Epic] Session Management #30
  • New fields via migration
  • insert_session
  • end_session
  • Add tests!! with async: true to speed up execution. ✅
• Create /logout feature
• Create /api/logout endpoint that can be invoked from any "consumer" app via AuthPlug.logout/1
• Publish new version to Heroku: https://authdev.herokuapp.com/
• Ask Simon for review. 🤞

[codecov]

Codecov Report

Merging #159 (cfad7f6) into main (5ccae7e) will not change coverage.
The diff coverage is 100.00%.

@@            Coverage Diff            @@
##              main      #159   +/-   ##
=========================================
  Coverage   100.00%   100.00%           
=========================================
  Files           22        23    +1     
  Lines          529       554   +25     
=========================================
+ Hits           529       554   +25     

Impacted Files	Coverage Δ
lib/auth/log.ex	100.00% <ø> (ø)
lib/auth/session.ex	100.00% <100.00%> (ø)
lib/auth/user_agent.ex	100.00% <100.00%> (ø)
lib/auth_web/controllers/api_controller.ex	100.00% <100.00%> (ø)
lib/auth_web/controllers/auth_controller.ex	100.00% <100.00%> (ø)
lib/auth_web/router.ex	100.00% <100.00%> (ø)

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 5ccae7e...cfad7f6. Read the comment docs.

[SimonLab]

Compiling the project returns the following warning and error:

I think there are more things to comment or remove to make sure Swoosh is removed.
Looking at dwyl/phoenix-chat-example#66 to see what I've done to remove it

[nelsonic]

Merci Simon. 🙏

[SimonLab]

It works fine on a fresh git clone. I think it might have been a conflict in my dependencies with another branch.
However swoosh is still defined in mix.lock file. If we want to remove the dependency completely we can run mix deps.clean --unused --unlock

[SimonLab]

I'm not sure if we need to run assets.deploy in Procfile.
The elixir_buildbpack file run this command already:
https://github.com/dwyl/auth/blob/main/elixir_buildpack.config

[nelsonic]

@SimonLab perfect. I was in doubt that it was working. but if you've confirmed it, let's remove it. 👍

[SimonLab]

Here the sid is added to conn so the end_session function can update the end session value. The sid is then removed from the conn.
Instead of passing conn to the function I think we can pass the session_id directly. We'll need to udpate also the parameter for end_session and update_session_end but I think it makes things a be more easy to read and we'll be able to remove |> assign(:sid, session_id)

[nelsonic]

That seems like a sensible refactor. The only reason I was doing adding the sid to conn was for pipeline. But if instead we make the session_id the second parameter of Auth.Session.end_session then it will be much cleaner. 💭

[SimonLab]

I think we can even remove completely the conn and just have one argument. I'll check this on a new branch

[SimonLab]

Not sure why a conflict appears with the latest commit:

I'll delete the spaces

[SimonLab]

Sessions looks good, thanks.
I still find the auth_controller a bit long and not as easy to read.
Hopefully the next PRs will make this easier to navigate

[nelsonic]

@SimonLab yeah, the auth_controller is definitely too big and could easily be split/simplified: https://github.com/dwyl/auth_plug/issues/40