Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

allow users to login when no password field is set #274

Merged
merged 1 commit into from
Oct 20, 2017
Merged

allow users to login when no password field is set #274

merged 1 commit into from
Oct 20, 2017

Conversation

jonmifsud
Copy link
Member

There are two changes; the most important is when there is no password field set; members was crashing when trying to set the password cookie. Just made a check to confirm that there is a password field.

Secondly I would like to initialise the Members extension from custom backend content pages. For example I want to login someone when conducting a payment (temporary redirect to a /symphony/extension/content page) however there is no way to get any status of the current user at that point. Allowing extensions to set a 'context' when the frontend user should be initialised is a nice thing to have. If there are other suggestions I'm open. I'm not really keen on using an event tied to a frontend page as that would have to be set manually every time I need to use the extension.

@michael-e
Copy link
Member

Regarding your second point: I must say that I am against any such relation or dependency between Members and the Symphony backend. Members functionality should be created in the frontend exclusively.

(The beauty of Members is that it cares for the frontend. I have said it many times, but I am alone with it: The purely PHP-driven backend is the biggest shortcoming of Symphony.)

Also, I those two topics shouldn't be in a single pull request. Can you please separate them?

@jonmifsud
Copy link
Member Author

Yep will separate, most likely later today when I have a few minutes to
spare.

The problem more than because it's a php backend; is that through an
extension you cannot say that you have a 'frontend' page. It doesn't make
sense that to use an extension to handle payments/oAuth, you need to create
a page called "authorize" and attach to it events x/y/z as otherwise it
will be impossible to know which user is logged in. I was trying to set up
some kind of Authorization for Paypal Login, using a content page through
the extension rather than an event.

On Wed, 30 Dec 2015 at 14:00 michael-e notifications@github.com wrote:

Regarding your second point: I must say that I am against any such
relation or dependency between Members and the Symphony backend. Members
functionality should be created in the frontend exclusively.

(The beauty of Members is that it cares for the frontend. I have said it
many times, but I am alone with it: The purely PHP-driven backend is the
biggest shortcoming of Symphony.)

Also, I those two topics shouldn't be in a single pull request. Can you
please separate them?


Reply to this email directly or view it on GitHub
#274 (comment).

@michael-e
Copy link
Member

Still, using a backend page for "frontend matters" is terrible. :-(

@nitriques
Copy link
Member

@jonmifsud Can you rebase and push against integration instead ? Thanks!

@jonmifsud jonmifsud force-pushed the allow-no-password-logins branch from 34f2892 to 1bc7201 Compare December 31, 2015 08:54
@jurajkapsz jurajkapsz mentioned this pull request Dec 31, 2015
Closed
@nitriques
Copy link
Member

@jonmifsud Can you rebase and push against integration instead ? Thanks!

@nitriques nitriques changed the base branch from master to integration October 19, 2017 21:29
@nitriques nitriques merged commit 38128a8 into symphonycms:integration Oct 20, 2017
nitriques added a commit that referenced this pull request Oct 24, 2017
@nitriques
Add MembersLogin delegate, for external log in
99f24e8 
Usign a section that does not contains a password has been discussed in
issue #274, but the PR did not actually provide a way to let other
extension authenticate the user.

Only if the members section DOES BOT contains a password field, the new
MembersLogin will be called. By default, log in is refused and extension
must explicitly set the required parameters with good values for the
login to succeed.
@nitriques nitriques mentioned this pull request Oct 24, 2017
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nitriques nitriques nitriques approved these changes

Assignees
No one assigned
Labels
needs testing suggestion
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@jonmifsud @michael-e @nitriques