New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Make login hooks public #22743
Comments
The OCP\Util methods are in the public namespace, and the only way to connect to hooks afaik. @icewind1991 @PVince81 Are those hooks somehow connected to the events that are emitted via the emitterTrait? To be more precise - it's that event: https://github.com/owncloud/core/blob/stable8.1/lib/private/user/session.php#L223 |
@MorrisJobke not all private hooks are forwarded to the public API part (or weren't). They need to be explicitly forwarded. In any case, there is no implicit/automatic forwarding in place. From what I see on master, only the private hook is triggered: https://github.com/owncloud/core/blob/v8.2.2/lib/private/user.php#L291 |
@MorrisJobke if this is only about login hooks, then the ticket title should be "make login hooks public". Tagging as enhancement. |
CC @LukasReschke for security implications of having login hooks made public (one can intercept passwords, but actually they could also use the private ones...) |
But we need this vice versa too, or am I wrong? |
Ideally we'd want to get rid of the private hooks altogether. So the goal would be to have the login code trigger the new-style public hook. Then have a "legacy adapter" that will listen to the new-style hook and also trigger the old-style hook again. |
and make the login hooks cancellable: #13814 |
This is about a 8.1 instance - maybe different for 8.2 or master, but needs to be checked:
My answer:
From #18910 (comment):
cc @gig13 and @scolebrook
The text was updated successfully, but these errors were encountered: