I’m hoping to get help with how to work with the Accounts packages and something like alanning:roles to allow users with existing accounts to perform certain actions without having to log in.
The use case is to send a link with a unique token (tied to an existing account) which grants access to perform some actions but requires full login for others. For example, let an existing user with the link see her latest in-app notifications but changing her email address would prompt for login.
If we can figure out a good design, I’d like to make it into a package that everyone can use.
I think we can figure out a way to do it that would avoid having to change existing auth code. One thing we’d definitely have to avoid is changing the security checks that are already in place just to support this feature.
One challenge is how to get the accounts packages to do this kind of pseudo-login. I’d suspect we’d have to bypass it a bit and write our own login token to the user account, for example. But also some kind of an indicator that access is restricted.
With roles, this may be saving the existing roles and restoring them later upon full login.
Another challenge is keeping the UI accurate even if roles are swapped out. For example, if a user has broadcast rights and that is something that requires a full login to do, the Broadcast nav button should still be visible to the user. So that would imply a special check somehow on “will have access after login”.
Looking for any help or thoughts on how to put this together!