Merge branch 'master' into update-preconstruct

keystonejs · Nov 3, 2019 · cfffcac · cfffcac
2 parents 53657d8 + b34c6d9
commit cfffcac
Show file tree

Hide file tree

Showing 6 changed files with 57 additions and 20 deletions.
diff --git a/docs/api/authentication.md b/docs/api/authentication.md
@@ -19,6 +19,9 @@ const { PasswordAuthStrategy } = require('@keystonejs/auth-password');
 const authStrategy = keystone.createAuthStrategy({
   type: PasswordAuthStrategy,
   list: 'User',
+  config: {
+    /*...config */
+  }
 });
 ```
 
@@ -33,10 +36,11 @@ module.exports = {
 
 ## Config
 
-| Option | Type           | Default    | Description                                                        |
-| ------ | -------------- | ---------- | ------------------------------------------------------------------ |
-| `type` | `AuthStrategy` | (required) | A valid authentication strategy.                                   |
-| `list` | `String`       | (required) | The list that contains and authenticated item, for example a user. |
+| Option   | Type           | Default    | Description                                                       |
+| -------- | -------------- | ---------- | ----------------------------------------------------------------- |
+| `type`   | `AuthStrategy` | (required) | A valid authentication strategy.                                  |
+| `list`   | `String`       | (required) | The list that contains an authenticated item, for example a user. |
+| `config` | `Object`       | `{}`       | Strategy-specific config options.                                 |
 
 _Note_: Different authentication strategies may have additional config options. See the documentation for individual authentication strategies for more details.
 

diff --git a/docs/guides/schema.md b/docs/guides/schema.md
@@ -9,7 +9,7 @@ KeystoneJS is comprised of 3 distinct pieces, which can be described as:
 
 <pre>
   <code>
-    Schema => (&#x0007B; <a href="../tutorials/admin-ui">AdminUI</a>, <a href="../tutorials/intro-to-graphql">GraphQL</a> &#x0007D;)
+    Schema => (&#x0007B; <a href="/keystonejs/app-admin-ui">AdminUI</a>, <a href="/guides/intro-to-graphql">GraphQL</a> &#x0007D;)
   </code>
 </pre>
 
@@ -117,7 +117,7 @@ keystone.createList('Todo', {
 
 In this example, the `adminConfig` options will apply only to the `Todo` list
 (setting how many items are shown per page in the [Admin
-UI](/tutorials/admin-ui)). The `isRequired` option will ensure an API error
+UI](/keystonejs/app-admin-ui)). The `isRequired` option will ensure an API error
 is thrown if a `task` value is not provided when creating/updating items.
 
 <!-- TODO: Screenshot -->

diff --git a/packages/app-admin-ui/README.md b/packages/app-admin-ui/README.md
@@ -33,12 +33,28 @@ module.exports = {
 
 ### Config
 
-| Option               | Type     | Default      | Required | Description                                                               |
-| -------------------- | -------- | ------------ | -------- | ------------------------------------------------------------------------- |
-| `adminPath`          | `String` | `/admin`     | `false`  | The path of the Admin UI.                                                 |
-| `apiPath`            | `String` | `/admin/api` | `false`  | The path of the API provided to the Admin UI.                             |
-| `graphiqlPath`       | `String` | `/admin/api` | `false`  | The path of the graphiql app, an in-browser IDE for exploring GraphQL.    |
-| `authStrategy`       | `Object` | `null`       | `false`  | See [Authentication Guides](https://keystonejs.com/guides/authentication) |
-| `pages`              | `Array`  | `null`       | `false`  |                                                                           |
-| `enableDefaultRoute` | `Bool`   | `false`      | `false`  | If enabled, the path of the Admin UI app will be set to `/`.              |
-| `schemaName`         | `String` | `public`     | `false`  |                                                                           |
+| Option               | Type       | Default      | Required | Description                                                               |
+| -------------------- | ---------- | ------------ | -------- | ------------------------------------------------------------------------- |
+| `adminPath`          | `String`   | `/admin`     | `false`  | The path of the Admin UI.                                                 |
+| `apiPath`            | `String`   | `/admin/api` | `false`  | The path of the API provided to the Admin UI.                             |
+| `graphiqlPath`       | `String`   | `/admin/api` | `false`  | The path of the graphiql app, an in-browser IDE for exploring GraphQL.    |
+| `authStrategy`       | `Object`   | `null`       | `false`  | See [Authentication Guides](https://keystonejs.com/guides/authentication) |
+| `pages`              | `Array`    | `null`       | `false`  |                                                                           |
+| `enableDefaultRoute` | `Bool`     | `false`      | `false`  | If enabled, the path of the Admin UI app will be set to `/`.              |
+| `schemaName`         | `String`   | `public`     | `false`  |                                                                           |
+| `isAccessAllowed`    | `Function` | `true`       | `false`  | Controls which users have access to the Admin UI.                         |
+
+### `isAccessAllowed`
+
+This function takes the same arguments as a [shorthand imperative boolean](https://www.keystonejs.com/api/access-control#shorthand-imperative-boolean) access control. It must return either true or false.
+
+If omitted, all users _with accounts_ will be able to access the Admin UI. The example below would restrict access to users with the `isAdmin` permission.
+
+#### Usage
+
+```js
+new AdminUIApp({
+  /*...config */
+  isAccessAllowed: ({ authentication: { item: user, listKey: list } }) => !!user && !!user.isAdmin,
+}),
+```
diff --git a/packages/auth-passport/README.md b/packages/auth-passport/README.md
@@ -7,7 +7,7 @@ title: Passport Auth Strategy
 # Passport Auth Strategy
 
 Enable KeystoneJS authentication via services such as Google, Twitter, Facebook,
-GitHub, and any [others supported by `passport.js`](passportjs.org/packages/).
+GitHub, and any [others supported by `passport.js`](http://www.passportjs.org/packages/).
 
 ## Authentication Flows
 

diff --git a/packages/keystone/README.md b/packages/keystone/README.md
@@ -26,10 +26,10 @@ const keystone = new Keystone({
 | `adapter`        | `Object`   | Required   | The database storage adapter. See the [Adapter Framework](https://keystonejs.com/keystonejs/keystone/lib/adapters/) page for more details. |
 | `adapters`       | `Object`   | `{}`       | A list of named database adapters. Use the format `{ name: adapterObject }`.                                                               |
 | `defaultAdapter` | `String`   | `null`     | The name of the database adapter to use by default if multiple are provided.                                                               |
-| `defaultAccess`  | `Object`   | `{}`       |                                                                                                                                            |
-| `onConnect`      | `Function` | `null`     |                                                                                                                                            |
-| `cookieSecret`   | `String`   | `qwerty`   |                                                                                                                                            |
-| `cookieMaxAge`   | `Int`      | 30 days    |                                                                                                                                            |
+| `defaultAccess`  | `Object`   | `{}`       | Default list and field access. See the [Access Control](https://www.keystonejs.com/api/access-control#defaults) page for more details.     |
+| `onConnect`      | `Function` | `null`     | Callback that executes once `keystone.connect()` complete. Takes no arguments.                                                             |
+| `cookieSecret`   | `String`   | `qwerty`   | The secret used to sign session ID cookies. Should be long and unguessable. Don't use this default in production!                          |
+| `cookieMaxAge`   | `Int`      | 30 days    | The maximum time, in milliseconds, session ID cookies remain valid.                                                                        |
 | `secureCookies`  | `Boolean`  | Variable   | Defaults to true in production mode, false otherwise. See below for important details.                                                     |
 | `sessionStore`   | `Object`   | `null`     | A compatible Express session middleware.                                                                                                   |
 | `schemaNames`    | `Array`    | `[public]` |                                                                                                                                            |
@@ -307,3 +307,19 @@ mutation newTodo($name: String) {
 | ----------- | -------- | ------- | ------------------------------------------------------------------------------------------------------------------------- |
 | `variables` | `Object` | `{}`    | The variables passed to the graphql query for the given queryString.                                                      |
 | `context`   | `Object` | `{}`    | Override the default `context` object passed to the GraphQL engine. Useful for adding a `req` or setting the `schemaName` |
+
+## createAuthStrategy(config)
+
+Creates a new authentication middleware instance.
+
+### Usage
+
+```js
+const authStrategy = keystone.createAuthStrategy({
+  /*...config */
+});
+```
+
+### Config
+
+See the [Authentication](https://www.keystonejs.com/api/authentication) docs for full details.
diff --git a/website/static/_redirects b/website/static/_redirects
@@ -0,0 +1 @@
+/keystone-alpha/* /keystonejs/:splat  301