Using use_scope for user authorization and more

[liberty-rising]

For our IDOM application timeflow, our team has been able to successfully implement user authorization through the use_scope method.

Our application is ran using FastAPI as the server (where we embed IDOM for the frontend, FastAPI for backend), thus we imported the use_scope method from idom.server.fastapi. Using FastAPI's Request object, we were able to pass various keywords and values into the session. Once this was done, using use_scope returned these values whenever it was called, from wherever in the application. This allowed us to hold the roles of users, and authorize them based on their role in the company.

Our next plans are to pass the CSS styles sheet into the scope so that the CSS can be loaded faster.

[Archmonger]

Glad to hear IDOM integration has been successful for you!

Let us know how stylesheet integration goes with FastAPI. I've been putting some more thought into that recently and trying to consider how we can do that better in a cross-framework fashion. On a tangent, if you think of anything else we could do better, definitely let us know!

Also just a heads up, idom.server is going to be renamed to idom.backend in the next version update.

[acivitillo]

@Archmonger let me put a few words on this as @liberty-rising and I have been working on this

1. IDOM embedded shows a lot of potential with use_scope. You can build 1 FastAPI layer to manage authentication and it just works. You can also import js, CSS etc in <head> for all apps, this is also a win
2. Since IDOM shines as embedded apps, an improvement would be for IDOM html to actually produce html. Right now we are writing the FastAPI HTML part with dominate, but dominate is very similar to IDOM's html
3. Since we can import js now, it would be good to limit IDOM's js footprint and accept the idea that other js libraries like alpine.js could be used
4. We plan to create a components library for IDOM. So back to point 3, being able to run other javascript code in IDOM would be great, many visualization libraries (we are a data company) require js

So far, the biggest improvement opportunities I see on my end, since you already delivered the great use_scope, are:

1. IDOM to move to server-rendered html
2. Removing the react.js dependency on client-side

[acivitillo]

I would send html from the server and would have a tiny js library to swap the html partials as they arrive. It seems to me from my limited understanding of the source code that a lot of the heavy lifting is done server side anyway

[Archmonger]

A lot is actually done client side, specifically in terms of DOM mutation and hooks. We will be retrospecting the DOM rendering pipeline after v1 drops, but it's unlikely that idom.html will ever return raw HTML.

Also, we're going to be working on simplifying embedding IDOM soon. Embedding IDOM components onto the page are going to be simplified in a way that is similar to how things are done on django-idom. And by that, I mean via jinja2 template tags.

[acivitillo]

OK, that would live us with a different html rendering on the FastAPI side, but you mention jinja2 so I see this is the direction you are taking too. If the html json remains, then probably moving to preact is a good idea

[Archmonger]

Talking about your fourth note, I've talked to Ryan before about trying to make module_from_template more robust and production usable. Ideally, I'd like anyone to be able to import components from NPM (or locally) and have it "just work" 90%+ of the time. In the instances where it's just technologically not possible, users would need to dip into "custom JavaScript components" as seen in the docs.

Ideally, we'd also include native support for components from other frameworks (ex. Vue, Angular) to expand our third party component library exponentially.

This is on our radar as something to be accomplished after v1's release. Let me know if this is what you were referring to.

[acivitillo]

I think a component library could solve some of the pain here, especially for data scientists or business app developers looking for something functional, not necessarily needing a lot of UI customizzation