docs: Improve Apple Sign-In setup with missing steps and troubleshooting#473
docs: Improve Apple Sign-In setup with missing steps and troubleshooting#473Zfinix wants to merge 5 commits into
Conversation
Zfinix
force-pushed
the
chore/update-sign-in-with-apple-docs
branch
from
7b94a3d to
132800b
Compare
…zations, and troubleshooting
Zfinix
force-pushed
the
chore/update-sign-in-with-apple-docs
branch
from
910cc7e to
12648da
Compare
…g domain requirements in troubleshooting
| The `webAuthenticationCallbackRoutePath` must match the **Return URL** you registered on your Service ID. The `revokedNotificationRoutePath` is called by Apple when a user revokes access from their Apple ID settings. | ||
|
|
||
| :::tip | ||
| If you need more control over how the credentials are loaded, you can use `AppleIdpConfig(...)` with manual `pod.getPassword()` calls instead. See the [customizations](./customizations) page for details. |
There was a problem hiding this comment.
This tip has slipped down to the web routes section. It belongs under "Add the Apple identity provider".
There was a problem hiding this comment.
Moved the tip up under "Add the Apple identity provider" right after the AppleIdpConfigFromPasswords() example, where it actually applies.
…omization options, and troubleshooting details
| ### Add the Apple identity provider | ||
|
|
||
| Your server's `server.dart` file (e.g., `my_project_server/lib/server.dart`) should already contain a `pod.initializeAuthServices()` call if your project was created with the Serverpod project template (`serverpod create`). If it's not there, verify that `serverpod_auth_idp_server` is in your server's `pubspec.yaml` and see [Setup](../../setup) to configure the auth module and JWT settings. | ||
| In your server project directory, add the auth IDP server package: |
There was a problem hiding this comment.
Under prerequisites we expect this to be installed. Now we add it. Is this in case they skipped the prerequisites? Please explain.
There was a problem hiding this comment.
You're right. Reframed the step as a fallback for users on upgraded projects that don't have it yet, instead of presenting it as required.
| ``` | ||
|
|
||
| Add the Apple import and `AppleIdpConfigFromPasswords()` to the existing `identityProviderBuilders` list: | ||
| `AppleIdpConfigFromPasswords()` reads the eight `apple*` keys from `config/passwords.yaml` (or the corresponding `SERVERPOD_PASSWORD_` environment variables), so you do not have to wire up each credential manually. In your server's `server.dart`, import it and add it to the existing `identityProviderBuilders` list on `pod.initializeAuthServices()`: |
There was a problem hiding this comment.
It is a bit confusing to lead with an explanation of the FromPasswords function, before it gets introduced. (AppleIdpConfigFromPasswords() reads the eight apple* keys from...)
We could let this paragraph only instruct the user to add the import and the FromPasswords, then comes the code sample and then we explain the FromPasswords.
Move the explanation sentence to after the code example and rephrase this paragraph.
There was a problem hiding this comment.
Restructured: now the paragraph just tells the reader to add the import + provider, then the code block, then a short sentence explaining what AppleIdpConfigFromPasswords() does. Reads in the right order now.
|
|
||
| Before you start, make sure you have: | ||
|
|
||
| - A Flutter project created with `serverpod create` (so the auth module and project template are in place). |
There was a problem hiding this comment.
This is true for most users, but not if you created the project with a an older framework version (<3.4?)
A user might not now what the auth module and project templates means. They should be able to quickly check off that they fulfill the prerequisites. And what to do if they don't (ie missing the new auth module).
The same goes for all providers.
There was a problem hiding this comment.
Good catch. Updated the prerequisite to call this out explicitly: new projects (Serverpod 3.4+) get the auth module via serverpod create, and older projects are pointed at the auth module setup guide first. Will mirror this on the other providers.
| In your server project directory, add the auth IDP server package: | ||
|
|
||
| ```bash | ||
| dart pub add serverpod_auth_idp_server |
There was a problem hiding this comment.
Do they need to do this if they fulfilled the prerequisites above? (ie have the auth module installed)
There was a problem hiding this comment.
Reworded the step as a fallback for upgraded projects rather than a required install.
There was a problem hiding this comment.
It is better now. However, a user having an old project still has to follow the full guide to install the auth module, right?
Is it better to refer to the full setup guide instead?
We do that under prerequisites, but if they rushed past it, this is good place to remind them.
| In your Flutter app's directory, add the auth IDP Flutter package: | ||
|
|
||
| ```bash | ||
| flutter pub add serverpod_auth_idp_flutter |
There was a problem hiding this comment.
This should be installed if prerequisites are met, right?
There was a problem hiding this comment.
Correction on my earlier reply, you were right. Verified that serverpod create adds serverpod_auth_idp_flutter to the Flutter pubspec by default. Reframed the flutter pub add line as a fallback ("if your app doesn't have this, e.g. you're upgrading an older project, add it") instead of a required step.
There was a problem hiding this comment.
If this step doesn´t cover the whole setup for the client, we should refer to the auth module setup page instead, as noted in the server section as well.
|
|
||
| ### Set production credentials | ||
|
|
||
| Switch from the `development:` values you used during setup to production ones. Pick the path that matches your deployment: |
There was a problem hiding this comment.
The normal use case is not to "Switch" credentials, right? You want to add the production ones so they are in use when running in production, and dev credentials will still be used in development. Rephrase this so it's clear for new backend devs to not replace the dev credentials.
There was a problem hiding this comment.
Rewrote the section. It now leads with "production runs out of the production: section, separate from development:" so it's clear that adding production credentials does not replace dev ones. Both stay and Serverpod picks the right set per run mode.
| ); | ||
| ``` | ||
|
|
||
| :::info |
There was a problem hiding this comment.
Is this outdated as it was removed? (That an exception here would abort the account creation)
There was a problem hiding this comment.
Verified in serverpod_auth_core_server: onAfterAuthUserCreated does run inside the same transaction as the auth user creation (the handler is called with the same transaction and exceptions propagate out, aborting the create). Re-added the info note under the example, rephrased for the user-level callback.
…ions, customization tips, and additional notes on credential management
`serverpod create` already ships `serverpod_auth_idp_server` and `serverpod_auth_idp_flutter` in the generated pubspecs, so the bare `pub add` steps were redundant for users on the standard template.
2 participants
Summary
--dart-defineinstructions for Web/Android client configuration$prefix from bash commandsTest plan
serverpod createproject