W
Wasp-lang2mo ago
ArDev

Github auth "All user data"

When i create an oauth application, it says it will be able to read/write on all user data in github. i do no want this - how can i make it so all wasp requests is to read email - thats all
5 Replies
MEE6
MEE62mo ago
Wohooo @ArDev, you just became a Waspeteer level 8!
kapa.ai
kapa.ai2mo ago
Hi @ArDev. I'm kapa.ai, your friendly support bot. I will try to answer your question by searching through the knowledge base. :wave: ---------------------- To limit the data Wasp requests from GitHub to just the user's email, you can specify the user:email scope in the configFn function. This function allows you to customize the configuration of the provider's settings. Here's an example of how you can do this: 
export function getConfig() {  
 return {  
 scopes: ['user:email'],  
 };  
}
export function getConfig() {  
 return {  
 scopes: ['user:email'],  
 };  
}
In this example, the getConfig function is returning a configuration object with the scopes property set to ['user:email']. This means that Wasp will only request the user's email from GitHub. You can then import this function in your Wasp file like so: 
app myApp {  
 wasp: {  
 version: "^0.13.0"  
 },  
 title: "My App",  
 auth: {  
 userEntity: User,  
 methods: {  
 gitHub: {  
 configFn: import { getConfig } from "@src/auth/github.js",  
 userSignupFields: import { userSignupFields } from "@src/auth/github.js"  
 }  
 },  
 onAuthFailedRedirectTo: "/login"  
 },  
}  
app myApp {  
 wasp: {  
 version: "^0.13.0"  
 },  
 title: "My App",  
 auth: {  
 userEntity: User,  
 methods: {  
 gitHub: {  
 configFn: import { getConfig } from "@src/auth/github.js",  
 userSignupFields: import { userSignupFields } from "@src/auth/github.js"  
 }  
 },  
 onAuthFailedRedirectTo: "/login"  
 },  
}
In this Wasp file, the configFn property of the gitHub method is set to the getConfig function you defined earlier. This means that Wasp will use this function to get the configuration for the GitHub authentication method. For more information, you can refer to the Wasp documentation on GitHub authentication (https://wasp-lang.dev/docs/auth/social-auth/github#overrides). ---------------------- Note: you can ask me a follow up question by @ mentioning me again :speech_balloon: ---------------------- Sorry @ArDev, I seem to be having a bit of trouble. Don't worry though, I've pinged my support and they will try to fix me up! :technologist: Perhaps try again in 15mins?
Filip
Filip2mo ago
Hey @ArDev, In which step does the app tell you this?
ArDev
ArDev2mo ago
when a user tries to authenticate with github usually iirc with other tools it only says "app has only permission to read email" but for mine it says read&write, couldnt find anything in the oauth settings about this
Filip
Filip5w ago
I think that has to do with what kind of token you generate with github.
Want results from more Discord servers?
Add your server