Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Authentication API cleanup #13764

Merged
merged 12 commits into from
Oct 23, 2017
Merged

Authentication API cleanup #13764

merged 12 commits into from
Oct 23, 2017

Conversation

nijel
Copy link
Contributor

@nijel nijel commented Oct 20, 2017

Cleanup authentication API, move some helper code from common.inc.php to authentication classes.

Before submitting pull request, please check that every commit:

  • Has proper Signed-Off-By
  • Has commit message which describes it
  • Is needed on it's own, if you have just minor fixes to previous commits, you can squash them
  • Any new functionality is covered by tests

@nijel nijel self-assigned this Oct 20, 2017
@nijel
Share base code for AuthenticationPlugin::authSetUser
56c1c9f 
Signed-off-by: Michal Čihař <michal@cihar.com>
@nijel
Consistely use no return value for AuthenticationPlugin::authFails
13d2ff1 
It really does not return in the end, so make the docs consistent
with the code.

Signed-off-by: Michal Čihař <michal@cihar.com>
@nijel
Rationalize AuthenticationPlugin API
026d722 
Make the API more consistent, remove not needed auth prefix and stop
talking about advanced authentication which has been there about 10
years ago.

API changed:

- authCheck is now readCredentials
- authSetUser is now storeCredentials
- auth is now showLoginForm
- authFails is now showFailure
- storeUserCredentials is now rememberCredentials

Signed-off-by: Michal Čihař <michal@cihar.com>
@nijel
Move authentication logic to AuthenticationPlugin
9bc5bfd 
Issue #11731

Signed-off-by: Michal Čihař <michal@cihar.com>
@nijel
Move allow/deny rules check to AuthenticationPlugin
2327dbf 
Issue #11731

Signed-off-by: Michal Čihař <michal@cihar.com>
@codecov
Copy link

codecov bot commented Oct 20, 2017
edited
Loading

Codecov Report

Merging #13764 into master will increase coverage by 0.08%.
The diff coverage is 89.79%.

@@            Coverage Diff             @@
##           master   #13764      +/-   ##
==========================================
+ Coverage   53.78%   53.87%   +0.08%     
==========================================
  Files         485      485              
  Lines       82302    82290      -12     
==========================================
+ Hits        44268    44333      +65     
+ Misses      38034    37957      -77

@nijel
Pass failure reason to showFailure
62535ea 
This way we can avoid relying on global variables to check it.

Signed-off-by: Michal Čihař <michal@cihar.com>
@nijel
Avoid using PHP_AUTH_USER and PHP_AUTH_PW globals for auth
8e8f4bd 
Use object attributes to store the actual credentials and avoid
messing up with global variables.

Signed-off-by: Michal Čihař <michal@cihar.com>
@nijel
Remove not needed access through globals
c1375f4 
Signed-off-by: Michal Čihař <michal@cihar.com>
@nijel
Add test for AuthenticationPlugin::authenticate
e020dbf 
Signed-off-by: Michal Čihař <michal@cihar.com>
@nijel
Add tests for AuthenticationPlugin::checkRules
3f8e1f1 
Signed-off-by: Michal Čihař <michal@cihar.com>
@nijel
Fix createIV documentation
6cb2963 
Signed-off-by: Michal Čihař <michal@cihar.com>
@nijel
Check return value from cookieDecrypt
6619fe9 
This can return false and we should fail early once this happens.

Signed-off-by: Michal Čihař <michal@cihar.com>
@nijel nijel merged commit 41c55cc into phpmyadmin:master Oct 23, 2017
@nijel nijel deleted the auth branch October 23, 2017 09:15
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@nijel nijel

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@nijel