Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ajax call \Sentinel::check() always return null. #235

Closed
baotao2006 opened this issue Sep 1, 2016 · 10 comments
Closed

ajax call \Sentinel::check() always return null. #235

baotao2006 opened this issue Sep 1, 2016 · 10 comments

Comments

@baotao2006
Copy link

Summary of issue

in revisions table, user_id always is null.

Steps to reproduce

go to the en/backend/translation/translations page, x-edit some translation.

System Details

  • Operating System
  • PHP Version
  • Laravel Version
  • Asgardcms/Platform 2.0
@nWidart
Copy link
Member

nWidart commented Sep 13, 2016

Hello,

Sorry for the late reply.
This seems to be an issue with revisionable package.

@baotao2006
Copy link
Author

REST API call ignore session user.

@baotao2006
Copy link
Author

in Modules\User\Http\Middleware\AuthorisedApiToken.php:
private function isValidToken($token)
{
$found = $this->userToken->findByAttributes(['access_token' => $this->parseToken($token)]);

    if ($found === null) {
        return false;
    }

    //for rest api current user
    \Sentinel::setUser($found->user);

    return true;
}

in Modules\User\Http\Middleware\AuthorisedApiTokenAdmin.php:

private function isValidToken($token)
{
    $found = $this->userToken->findByAttributes(['access_token' => $this->parseToken($token)]);

    if ($found === null) {
        return false;
    }

    //for rest api current user
    \Sentinel::setUser($found->user);

    if ($found->user->hasRoleName('admin') === false) {
        return false;
    }

    return true;
}

@nWidart nWidart mentioned this issue Sep 21, 2016
Closed
@nWidart
Copy link
Member

nWidart commented Sep 21, 2016

Thanks! I will try those out.

@nWidart
Copy link
Member

nWidart commented Nov 14, 2016

Hello,

Sorry for late reply.
I just tested this and it seems to work, thanks! 👍

I'm not super happy with the fact that it couples sentinel though.

@nWidart
Copy link
Member

nWidart commented Nov 14, 2016

@armababy pointed out ot me that we shouldn't be able to access the session in an API, to have a correct RESTful api, which makes sense.

We'd need to find a way to set that user in API requests found via the token.
And finally Revisionable should have a way to send that user to them, instead of them having to figure it out.

@nWidart
Copy link
Member

nWidart commented Nov 14, 2016

Related: VentureCraft/revisionable#251

@nWidart nWidart closed this as completed Jun 14, 2017
@shincha3517
Copy link

@nWidart , do you have any update to get user by token without access the session?

@nWidart
Copy link
Member

nWidart commented Jul 17, 2017

Yes, you can use this trait: https://github.com/AsgardCms/Platform/blob/2.0/Modules/User/Traits/CanFindUserWithBearerToken.php

@shincha3517
Copy link

Thanks for help.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@nWidart @baotao2006 @shincha3517