Comments (10)
Hi,
You're right, those member variables should be set to protected to allow easier overwrite. I'll add interfaces too to have more flexibility.
from lexikjwtauthenticationbundle.
Sounds good.. do let me know once done.
Are you implying that there will be a configuration to override the JWTProvider used?
While you're at this.. don't you think there should be a way to access the Request object within the JWTProvider class. The quickest way I deem this will be possible without breaking backwards compatibility is by adding the getRequest() function to the JWTManager class which already has the setRequest(..) function to inject the request. It only but makes sense that there should be a getter so the JWTProvider can access the Request context too..
For example, if I am building a multi-tenant API and I need to access the app id from the URL to ensure that the UserProvider returned belongs to the app id being requested, I will need access to the request object to access one or more attributes.
from lexikjwtauthenticationbundle.
That's a good idea, let's add the getRequest() method to the JWTManager.
I've started a branch if you want to have a look at it. Basically, it allows to completely override the JWTProvider used in the lexik_jwt
section of the firewall configuration if needed.
For those who just don't want to authenticate users by username, I started moving out of the main methods the logic to extract user from token payload and to add user identity to payload. Overriding those methods in sub classes should be sufficient. Dispatching an event might also do the trick without having to create new classes.
What do you think ?
from lexikjwtauthenticationbundle.
- Yes, please add the getRequest() to the JWTManager, I've had to override the class and both the setRequest and getRequest to access the request object. (Even the $request variable is private and should ideally be protected).
- The branch looks good. I feel the configuration name could be just
authentication_provider
instead ofauthentication_provider_service
to keep it in line with how I suppose symfony2 names such config. (providers are implicitly service ids) - Regarding the third point. Looks neat. This way, I can easily modify the field names which are used for the user identity by overriding both these functions. Perhaps the array key name 'username' can be a protected variable too which can be overriden if someone doesn't want to change the logic of extracting user from token or adding it to token, but just changing the field name used.
protected $userIdentityField = 'username'
Also exposing this as a public getter public function getUserIdentityField
. The use case for this could be if someone is building an endpoint to refresh the token, he would generally take the old taken as input and provide a refreshed token. This process requires extraction of the username field in the token (without checking if the token has expired) and then re-encoding it back into a new token. The new token can be easily generated using the AuthenticationSuccessHandler but the extraction of just the user identity will require the field name.
from lexikjwtauthenticationbundle.
OK for 1 and 2, it makes sense.
About 3, I think you're right. But in the meantime, it might be a lot for the JWTManager to handle.
It might be useful to add some sort of PayloadGenerator service (and the corresponding interface). Injected in the JWTManager like the encoder is, it would allow much more flexibility.
The default implementation would only do what's done in the manager : add username as identity and the expiration date (that way the ttl parameter should be removed from the manager).
The only downside I see to this is the overhead to maintain backward compatibility.
from lexikjwtauthenticationbundle.
Excuse my delayed reply. Have you made any release progress on this?
I don't think anyone would find the need to remove the ttl parameter, and if they want to, removing it in the event listener seems fine.
I don't see any of the above changes breaking BC. Which particular implementation do you think will break backwards compatibility?
from lexikjwtauthenticationbundle.
Hi, I just updated the branch and added a configuration option for the userIdentityField. No BC break included, I'll do the big refactoring later. Tell me if it's ok for you. #40
from lexikjwtauthenticationbundle.
@slashfan Looks positive. Will update my composer and try this out locally this week. Will let you know if any feedback.
from lexikjwtauthenticationbundle.
Ok, I'll tag it soon. Might be time for a 1.1.0.
from lexikjwtauthenticationbundle.
There is a new method setUserIdentityField() on JWTProvider
from lexikjwtauthenticationbundle.
Related Issues (20)
- Generation documetation after onAuthenticationSuccessResponse
- Impersonate / Switch User HOT 4
- Can we tell this bundle not to use Redis? HOT 5
- Decoding JWS Fails when Payload is Empty
- Multiple JWT authenticators
- Wrong definition of AccessTokenBuilder HOT 2
- Fatal error Trait ForwardCompatAuthenticatorTrait not found on console cache:warmup command
- token no longer being created HOT 3
- Symfony 5.4 -> 6.4 upgrade problems HOT 11
- Cannot customise cookies with `set_cookies` option HOT 1
- Session was used while the request was declared stateless HOT 6
- Issue with LMI HMC M3F3 EXTRACTION HOT 3
- Redirecting not working with custom listener
- The algorithm with the alias "" is not supported HOT 4
- deprecation HOT 1
- Custom lexik_jwt_authentication.key_loader HOT 1
- Add Doc on pem path: have to be lke this file://path/to/file.pem
- JWT cookies not working with custom encoder
- LcobucciJWSProvider is ignoring an "InvalidArgumentException"
- Error 500 when trying to use new blocklist feature
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from lexikjwtauthenticationbundle.