Fork me on GitHub
Alex Whitt15:06:50

Hey guys. How do you think Meander would fare as the core of an authentication system? To my understanding, you're basically trying to match against a pattern when deciding whether or not access to something is authorized: "if the user's domain and the target domain are the same, AND the user's permissions level is this or that, OR the user ID is present in a database of special conditions and those conditions match what's trying to be accessed, THEN return true." Do you think matching is the right tool for this domain?


I can't speak directly to the authentication domain but I have used meander very successfully for complex pattern matching such as rewriting SQL (in honey format)


I'd be careful of ordering meander match clauses to ensure that you don't end up inadvertently matching and thus granting access with you shouldn't.

👍 2

If your data structure is complex, this can be a bit hard to get exactly right. However, if the data structure is straightforward (even if it is recursive), meander is good fit

Alex Whitt16:06:05

I'll try a POC and see how it looks

Alex Whitt16:06:14

I think our data is on the simple end of the spectrum


@UJF17G3T9 If you’re comfortable looping others in for feedback/support, drop a gist, etc. 👍


One additional bit: Most of my "over matching" problems are due to inappropriate use of m/$ . I start out thinking, recursively matching will save me a bunch of typing. I end up thinking, why did I ever think that was a good idea!

😂 4

I love m/$ for rummaging through data I’m unfamiliar with.


I've thought about an extension to m/$ that indicates a "recurse no deeper" pattern


something like the top-down-until strategy

👏 2