New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Convert session and cookie management to Laravel #9566
Comments
I've experimented with this but think the next step is to work with the session middleware. Calling in @touhidurabir for a look! Draft PRs (very much WIP):
To even start getting these working it's necessary to replace the |
@asmecher Draft PR Login/Logout works fine and can access the app . Still need a lot of work on remember me, password update/reset, email/username update test, Login as other user etc . Also had to override few of laravel core classes . |
@asmecher please review the draft PR at pkp-lib --> #9596 pretty much all done except few more clean up and |
@touhidurabir you've mentioned there was something not working very well, but I guess it's solved by now, right? Or do you still need some ideas? |
@jonasraoni the part I was struggling with was the session auto regeneration part and it has been resolved . Thanks for taking time to look into it. |
@asmecher all addressed . if all ok, should be good to merge . |
* WIP replace sessions with Laravel * #9566 Laravel auth system integration * #9566 fixing session disable const checking and initialization * #9566 laravel session WIP * #9566 session regenration and old session manager clean up * #9566 added remember me functionality * #9566 fixed logout with auth key details persistence * #9566 fixed device force logout redirect issue * #9566 fixed login issue after migration from older session implementation * #9566 completed sign in/out as and updated session data update in PKPRequest::__destruct * #9566 updates based on PR review * #9566 added check to make sure seesion table exists before saving session * #9566 moved session storage update within register_shutdown_function * #9566 removed unused function param * #9566 added upgrade migration * #9566 fixed issue and doc blocks based on PR review * #9566 removed older implementation cookie issue override method as fixed by setting domain * #9566 removed previously added application upgrade settings from migration tool * #9566 trying to fix mysql build issue * #9566 added db service provider re-registration at install time * #9566 added cookie encryption ability * #9566 session disable check moved to PKPSessionGuard with session user_id key update * #9566 fixed typo * #9566 command line session issue * #9566 clean up of old session manager and dao related implementations * #9566 session default base path update * #9566 session default base path revert back * #9566 fixed cookie path issue * #9566 removed AUTH_KEY_* const usage and related code --------- Co-authored-by: Alec Smecher <alec@smecher.bc.ca>
pkp/pkp-lib#9566 replaced old session manager with new pkp session guard
Congratulations, @touhidurabir, all merged! |
Describe the bug
In preparation for work on OAuth/SSO, convert the underlying aspects of OJS/OMP/OPS from bespoke implementations to Laravel's toolset.
It is unclear how much of this can be done without needing to convert major aspects of the stack, e.g. authorization and request handling; this work should stop short of a major intervention for the moment.
Opportunities:
SessionManager
withSessionServiceProvider
/session()
Session
/SessionDAO
with Eloquent-based implementation (shipped with Laravel, I think)CookieManager
UserProvider
implementation serving users to Laravel from currentEntityDAO
user implementationPitfalls:
lib/vendor/laravel/framework/src/Illuminate/Session/Middleware/*
to get sessions to work properly. Not sure how deep that rabbit-hole goes yet.PRs
pkp-lib --> #9596
ojs --> pkp/ojs#4132
ops --> pkp/ops#646
omp --> pkp/omp#1531
orcidProfile --> pkp/orcidProfile#313
The text was updated successfully, but these errors were encountered: