Support for sign-in & sign-up via OAuth resource owner #163
Conversation
|
Good idea 👍 |
|
@headrevision If you want to open a PR from this branch, I will be more than happy to discuss the problem. Thanks! |
|
@pjedrzejewski I have changed it to a implementation that is less generic but that actually works now with Amazon. The Behat scenarios in https://github.com/headrevision/Sylius/blob/oauth-login/features/frontend/user_login_via_amazon.feature fail during the form submit step (https://github.com/headrevision/Sylius/blob/d05a26dc679dc2c1b8d60b51e230a0351d4a21eb/features/frontend/user_login_via_amazon.feature#L20) as you get to Amazon's 404 page. In any case Amazon's login form works without JS. So it should work with Goutte. I don't know why it doesn't. BDD-ish thinking tells us to get rid of the separate OAuth login page next (ie. add the OAuth sign-in provider buttons to the existing Sylius login page). Subsequently they should also be added to the registration page. |
| <attribute-override name="password"> | ||
| <field name="password" column="password" nullable="true" /> | ||
| </attribute-override> | ||
| </attribute-overrides> |
There was a problem hiding this comment.
IMO this is not good idea... If you have email of user, why not use FOSUserBundle to generate password and send it to user? =)
@pjedrzejewski ping
There was a problem hiding this comment.
@stloyd I don't feel comfortable with this either. But generating a (second) password would make the possibility to sign in via a foreign account expendable. It would just serve the purpose of initially signing in for the implicit sign-up at Sylius. That is clearly not the intention behind all those "login with ..." services.
|
@pjedrzejewski Finished with integrating OAuth sign-up & sign-in on login page as well as on register page. I also wrote Behat scenarios for that. Can you please give me feedback? |
|
@headrevision Thank you Fabian, I'll check it out today! |
|
First quick thought - I liked your approach with separate model for OAuth accounts, any reason to abandon this idea? |
|
@pjedrzejewski I would like to enable OAuth support in Sylius by default for Amazon, Google and Facebook (including configuration and DB changes) such that you can see the buttons on the login page and the register page. What do you think? (Proper integration in Twitter Bootstrap for that is still missing, it doesn't look very fancy yet) Just discovered that logout is not working so far in the case the user used OAuth instead of native login before. What else is missing in order to make this WIP PR a ready-to-merge PR? |
|
Now also Google is supported. Behat scenarios run successfully with WebDriver. |
| @@ -5,6 +5,8 @@ | |||
| <h1>Registration <small>Create an account in store</small></h1> | |||
| </div> | |||
|
|
|||
| {% render url('hwi_oauth_connect') %} | |||
There was a problem hiding this comment.
It's a detail but the function way is preferred: {{ render(url(...)) }}
|
Hi |
|
@marcoalbarelli Login via Amazon and Google works and other OAuth resource owners can be added easily. However the PR is not yet merged into Sylius/Sylius. |
|
@marcoalbarelli You could just try this branch. I would like to receive feedback from others if it works without any problems regarding configuration and if adding another resource owner is self-explaining. Just be aware that OAuth 2.0 requires a publicly accessible web server with SSL support. |
| # - sleep 5 | ||
| # - app/console cache:warmup --env=test > /dev/null | ||
| # - chmod -R 777 app/cache app/logs | ||
| - curl https://gist.github.com/santiycr/5139565/raw/sauce_connect_setup.sh | bash |
There was a problem hiding this comment.
What about using the addon at Travis-CI: http://about.travis-ci.org/docs/user/addons/#Sauce-Connect
|
I think I'll sit this one out, sry Thanks for your effort though |
…ign-in provider account (incomplete)
|
What the status of this PR @headrevision @pjedrzejewski? |
|
Closing in favor of #354. |
What is an e-commerce solution without the possibility to sign-up ad-hoc via a user account from an OAuth sign-in provider (eg. Login with Amazon, wich is particularly suggesting in the case of Sylius' application domain)?
I already began to work on a reference implementation for an OAuth support in Sylius by using the HWIOAuthBundle: https://github.com/headrevision/Sylius/tree/oauth-login
(so far the OAuth sign-in is completely separated from Sylius' native sign-in: http://t.co/TCZ5tZ0s0K)