Override the authentication listener to validate FORM_SUBMIT #1118
Concept looks logical to me. Needs tests once @richardhj provided feedback.
The unit tests are still failing and there should be a test for the contao.security.authentication_listener service in the ContaoCoreExtensionTest class.
7acd209 to c285cf6
I have updated the basic PR features according to my findings yesterday with @richardhj. The current frontend login implementation works around several issues Contao core has with Symfony security. Symfony assumes there's a URL where you POST the login data, and that there is a page where the login form is. By default, Symfony will redirect a user to the All of this is not actually how Contao works. In the Contao front end, one can place the login module on any page, and on that page the credentials should be checked. We also do not know a login redirect URL, we merely render the 401/403 page type in place. This is what this PR finally implements now: instead of using the default authentication entry point, which redirects or internally forwards to a This PR will collide with #1164 and I will rebase and fix issues and tests once #1164 is merged.
# Conflicts: # core-bundle/src/Resources/config/services.yml # core-bundle/src/Security/Authentication/AuthenticationEntryPoint.php
This PR is feature-complete now, but I need to fix tests etc. Basically, we're moving away from configuring Symfony to behave as needed by Contao, and simply implement the necessary 20% ourselves. To summarize the changes and make them more "readable":
This will collide with #1130 so @bytehead needs to rebase (mostly because I already removed the lock_period etc. config from the security factory).
Oh wow, this makes it so much easier for me to understand what's actually going on in the security authentication process 😄 Looks correct to me!
PR looks very good. 👍 The tests are failing though.
LGTM
Thank you @aschempp.
@richardhj can you see if this fixes #558?