On Sat, Dec 30, 2023 at 10:16:59AM -0600, Eric Hanson wrote: > What do you think of adding a NO RESET option to the SET ROLE command?
I've wanted this forever. Consider using this to implement user authentication mechanisms in user-defined SQL functions that use `SET ROLE` with `NO RESET` to "login" the user. One could implement JWT (or whatever bearer token schemes) on the server side in PlPgSQL w/ pgcrypto this way, with zero changes to PG itself, no protocol changes, etc. For bearer token schemes one could acquire the token externally to the client and then just `SELECT login(?)`, bind the token, and execute to login. Nico --
