improvement (IAuthentication): extension of IAuthentication #702
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Integrating this would introduce a lot of breaking change which I can't handle until I'm done with the frontend rewrite. I'll keep this PR open and to be revisited when that other work is completed (sometime in the next 3 to 6 months) |
mickael-kerjean
changed the title
|
had to recreate this PR in order to clean up my repo for second PR |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR extends the existing
IAuthenticationinterface'sCallback()function to include the*http.Requestparameter.This enhancement allows plugins implementing this interface to access the HTTP request directly, and thereby enabling them to retrieve additional information, such as cookies, via
req.Cookie("my-cookie"). Additionally, it allows for request parsing to be handled by the plugin itself if desired.Processing cookies during the
Callback()can be highly beneficial for various login flows.The PR is structured into two commits:
Since this addition only involves adding a new parameter to the function signature, which is currently ignored in all existing plugins, it can be considered a minor change with essentially no impact on existing authentication plugins, although their signatures have to be updated, as I have done in this PR.
formDatafrom the function signature to avoid redundancy in passing both the request and the parsed bodyThis introduces a minor change in error handling: Parsing errors from
req.ParseForm()are now wrapped asNewError(err.Error(), 400)and handled by the error handling insession.goafter the call toIAuthentication.Callback(), resulting in a slightly changed redirect behavior:/?error=Not%20Valid&trace=parsing%20body%20-<error message>/?error=Not%20Allowed&trace=redirect%20request%20failed%20-<error message>If the new redirect behavior is undesirable, it can be adjusted to handle the error differently, although currently, all non-
ErrAuthenticationFailederrors inside theCallback()are treated this way. Alternatively, the second commit can be left out, ignoring the redundancy in favor of simplicity. I'm happy for feedback.Thank you for considering this change to improve the
IAuthenticationinterface :)