Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove Lucia from the lucia adder #68

Closed
AdrianGonz97 opened this issue Oct 8, 2024 · 5 comments · Fixed by #98
Closed

Remove Lucia from the lucia adder #68

AdrianGonz97 opened this issue Oct 8, 2024 · 5 comments · Fixed by #98

Comments

@AdrianGonz97
Copy link
Member

AdrianGonz97 commented Oct 8, 2024
edited
Loading

The library is being deprecated in favor of users implementing the session handling themselves (see: lucia-auth/lucia#1707).

I've migrated over an example project that uses the /demo route that our adder creates: https://github.com/AdrianGonz97/definitely-not-lucia-sveltekit-example

and honestly, it's not all that much different besides the additional ~60 LoC in lib/server/auth.ts (which can be further simplified). With this change, we may also be able to pull off the // TODO: comment idea that @benmccann proposed for users that don't necessarily want to use drizzle

There's also been mentions of a potential scaffolding CLI where it adds the necessary session handling code to your project. We may be able to utilize this as well (if it's ever made).
@benmccann
Copy link
Member

I wonder if we need to create a session in the database. I'm not sure if it's something most apps would use. If you did want to store something in the database for a logged-in user such as a shopping cart, you would probably put it in a table dedicated for that use rather than a general session table. For a logged out user you would probably use local storage. I feel like a general session table isn't necessarily a great practice and I'm not sure we should generate those extra lines by default.

@Conduitry
Copy link
Member

It's impossible to SSR something based on local storage or to have a website work without JS if you use it, both of which are pretty core tenets of Svelte's ideology.

@benmccann
Copy link
Member

You could use a cookie then. In either case you're not going to be able to use the referred to code sample for a logged out user because it requires a user to work. I'm not sure the generic session in a DB approach is one we should be promoting?

@benmccann
Copy link
Member

I guess the new one could just be called Oslo.

It'd also be nice to have an Arctic integration at some point. But might be too much to do before launch: https://lucia-auth.com/tutorials/github-oauth/sveltekit

@benmccann
Copy link
Member

Oh, I was a bit sleep deprived when I looked at this the other day. I thought it was storing arbitrary info in the session table, but it's not. It's merely storing a session ID. That's probably not strictly necessary, but I guess it allows you to revoke a session

There's some stuff in Lucia that is just copy/pasted a bunch right now and I think could live in one of their other libraries: lucia-auth/lucia#1707 (comment)

This item feels a bit big at the moment. Maybe we should just remove Lucia for launch so that we have more time to consider and see how things shake out

@benmccann benmccann mentioned this issue Oct 11, 2024
Open
24 tasks
@AdrianGonz97 AdrianGonz97 mentioned this issue Oct 12, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

chore: remove Lucia from lucia sveltejs/cli
3 participants
@benmccann @Conduitry @AdrianGonz97