Skip to content

Clerk authentication#118

Merged
camdendotlol merged 11 commits into
developfrom
cm/clerk
Jul 15, 2026
Merged

Clerk authentication#118
camdendotlol merged 11 commits into
developfrom
cm/clerk

Conversation

@camdendotlol

@camdendotlol camdendotlol commented Jul 14, 2026

Copy link
Copy Markdown
Contributor

Summary

This PR migrates FairImage to Clerk. (Note: Unlike similar changes to FairData, etc., FairImage does not retain a local authentication mode, and will require Clerk from here on out.)

The most notable code changes are the removal of a bunch of stuff:

  • lots of stuff involved in updating user and org data, as everything except for API key (users) and location (orgs) is managed by Clerk now
  • anything password-related
  • the avatar upload/management/display stuff for users (this is still used for orgs and projects though)
  • our jwt-auth gem as well as bcrypt

Admin status is tied to the is_global_admin field in Clerk private metadata that we've been using across other Performant Studio apps.

Testing

I did not write a Clerk migration script due to the small number of users and orgs, so this will not be immediately ready to test after deployment until I update everyone's SSO IDs in the Rails console.

FairImage enables the Sidekiq admin UI which is separated from the rest of the Rails app but was set up to require a username/password from an admin account. I've updated this code to check for a Clerk cookie instead, but testing it locally would be tricky so this is a high priority to double-check once staging is deployed.

Lastly, we should make sure that the API key system remains working and unchanged, and that edits on the user/org forms still work.

@socket-security

socket-security Bot commented Jul 14, 2026

Copy link
Copy Markdown

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security
Vulnerability Quality Maintenance License
Addedgem/​clerk-sdk-ruby@​7.0.080100100100100
Addednpm/​@​clerk/​react@​6.12.28710094100100

View full report

@camdendotlol
camdendotlol requested a review from blms July 14, 2026 19:19

@blms blms left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code looks good, and it works well! I added a note about VITE_CLERK_SIGN_IN_URL after some local testing.

@camdendotlol
camdendotlol merged commit 03435bd into develop Jul 15, 2026
2 checks passed
@camdendotlol
camdendotlol deleted the cm/clerk branch July 15, 2026 14:56
@blms

blms commented Jul 15, 2026

Copy link
Copy Markdown
Contributor

@camdendotlol were you able to get the client to pick up env vars from .env in the root directory? I either had to have .env in both directories, or configure vite.config.js to look at ../ instead of process.cwd().

@camdendotlol

camdendotlol commented Jul 15, 2026

Copy link
Copy Markdown
Contributor Author

@camdendotlol were you able to get the client to pick up env vars from .env in the root directory? I either had to have .env in both directories, or configure vite.config.js to look at ../ instead of process.cwd().

Yes, FairImage only needs a .env in the root. I don't have an env file under client.

Did you run the app using bundle exec rake start? I have a feeling it does something to propagate the environment variables between the two.

@blms

blms commented Jul 15, 2026

Copy link
Copy Markdown
Contributor

Ah, that was it, thanks. I was running it with bundle exec rails s which I guess only runs the api, and running yarn in a separate terminal.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants