Uh oh!
There was an error while loading.Please reload this page.
- Notifications
You must be signed in to change notification settings - Fork9.7k
[Security] Dispatch an event when "logout user on change" steps in#31138
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.
Already on GitHub?Sign in to your account
[Security] Dispatch an event when "logout user on change" steps in#31138
Uh oh!
There was an error while loading.Please reload this page.
Conversation
1396daf to452978aCompare1129413 to8f767eeCompare
linaori left a comment
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others.Learn more.
Great idea!
src/Symfony/Component/Security/Http/Event/LogoutUserChangeEvent.php OutdatedShow resolvedHide resolved
Uh oh!
There was an error while loading.Please reload this page.
8f767ee to36bb3b2CompareSimperfit commentedApr 18, 2019
Status: Needs Review |
src/Symfony/Component/Security/Http/Event/LogoutOnChangeEvent.php OutdatedShow resolvedHide resolved
Uh oh!
There was an error while loading.Please reload this page.
36bb3b2 tob6ad28aCompareSimperfit commentedApr 18, 2019
Status: Needs Review |
b6ad28a to5765f69CompareSimperfit commentedApr 18, 2019
Thanks@linaori and@noniagriconomie for the review ! |
noniagriconomie commentedApr 18, 2019 • edited
Loading Uh oh!
There was an error while loading.Please reload this page.
edited
Uh oh!
There was an error while loading.Please reload this page.
@Simperfit do not forget to update the doc accordingly when PR is finished :) |
95f1071 toecdeab8Comparechalasr commentedApr 26, 2019
Reverted my suggestion about allowing to reauthenticate the token from a listener, bad idea. Also renamed to |
Uh oh!
There was an error while loading.Please reload this page.
xabbuh commentedApr 27, 2019
If we also do not want to rely on the user concept, would it make sense to pass the old and the refreshed token instead of the user? |
b901b0b toabec9c1Comparechalasr commentedApr 27, 2019
@xabbuh 👍 Changed to |
Simperfit commentedApr 27, 2019
I like |
abec9c1 to40e4218Comparechalasr commentedApr 27, 2019 • edited
Loading Uh oh!
There was an error while loading.Please reload this page.
edited
Uh oh!
There was an error while loading.Please reload this page.
Renamed |
Simperfit commentedApr 27, 2019
Thanks for helping me finishing this@chalasr ;). |
Uh oh!
There was an error while loading.Please reload this page.
chalasr commentedApr 28, 2019
Thank you@Simperfit. |
…ge" steps in (Simperfit)This PR was merged into the 4.3-dev branch.Discussion----------[Security] Dispatch an event when "logout user on change" steps in| Q | A| ------------- | ---| Branch? | master| Bug fix? | no| New feature? | yes <!-- don't forget to update src/**/CHANGELOG.md files -->| BC breaks? | no <!-- seehttps://symfony.com/bc -->| Deprecations? | no <!-- don't forget to update UPGRADE-*.md and src/**/CHANGELOG.md files -->| Tests pass? | yes <!-- please add some, will be required by reviewers -->| Fixed tickets |#26902 <!-- #-prefixed issue number(s), if any -->| License | MIT| Doc PR |symfony/symfony-docs#11450 <!-- required for new features --><!--Write a short README entry for your feature/bugfix here (replace this comment block.)This will help people understand your PR and can be used as a start of the Doc PR.Additionally: - Bug fixes must be submitted against the lowest branch where they apply (lowest branches are regularly merged to upper ones so they get the fixes too). - Features and deprecations must be submitted against the master branch.-->This adds a new event when the user has been changed and has been log out from the apps, it allow someone to register to this event and do something with either to token or the refreshedUser.Commits-------40e4218 [Security] Dispatch an event when "logout user on change" steps in
| * Dispatch`SwitchUserEvent` on`security.switch_user` | ||
| * Deprecated`Argon2iPasswordEncoder`, use`SodiumPasswordEncoder` instead | ||
| * Deprecated`BCryptPasswordEncoder`, use`NativePasswordEncoder` instead | ||
| * Added`DeauthenticatedEvent` dispatched in case the user has changed when trying to refresh it |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others.Learn more.
What is "it" here? The user?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others.Learn more.
I think "it" refers to the Token here. What about "AddedDeauthenticatedEvent dispatched in case the user has changed when trying to refresh the token"?
| useSymfony\Contracts\EventDispatcher\Event; | ||
| /** | ||
| * Deauthentication happens in case the user has changed when trying to refresh it. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others.Learn more.
Sentence should be changed as well
…" steps in (Simperfit)This PR was merged into the master branch.Discussion----------[Security] Dispatch an event when "logout user on change" steps in<!--If your pull request fixes a BUG, use the oldest maintained branch that containsthe bug (seehttps://symfony.com/roadmap for the list of maintained branches).If your pull request documents a NEW FEATURE, use the same Symfony branch wherethe feature was introduced (and `master` for features of unreleased versions).-->This documents the new event implemented insymfony/symfony#31138Commits-------b5e6038 [Security] Dispatch an event when "logout user on change" steps in
Uh oh!
There was an error while loading.Please reload this page.
This adds a new event when the user has been changed and has been log out from the apps, it allow someone to register to this event and do something with either to token or the refreshedUser.