Login via social media #3154
Login via social media #3154
Conversation
sspooky13
force-pushed
the
pt-login-with-social-media
branch
2 times, most recently
from
8e15c2b
to
433672b
Compare
| public function createConfig(string $redirectUrl): array | ||
| { | ||
| return [ | ||
| 'callback' => $redirectUrl, | ||
| 'providers' => [ | ||
| self::PROVIDER_GOOGLE => [ | ||
| 'enabled' => true, | ||
| 'keys' => [ | ||
| 'id' => $this->googleClientId, | ||
| 'secret' => $this->googleClientSecret, | ||
| ], | ||
| ], | ||
| self::PROVIDER_FACEBOOK => [ | ||
| 'enabled' => true, | ||
| 'keys' => [ | ||
| 'id' => $this->facebookClientId, | ||
| 'secret' => $this->facebookClientSecret, | ||
| ], | ||
| ], | ||
| self::PROVIDER_SEZNAM => [ | ||
| 'enabled' => true, | ||
| 'keys' => [ | ||
| 'id' => $this->seznamClientId, | ||
| 'secret' => $this->seznamClientSecret, | ||
| ], | ||
| 'scope' => 'identity', | ||
| 'adapter' => Seznam::class, | ||
| ], | ||
| ], | ||
| ]; | ||
| } | ||
| } |
There was a problem hiding this comment.
It would be nice to have this configuration via yaml in project-base. It should be possible to create some Configuration wrapper and then parse it to some structure.
The main purpose of this change is to give programmers an easier way to work with this feature and only one place where you can configure this feature.
| @@ -1,5 +1,5 @@ | |||
| monolog: | |||
| channels: ["cron", "queue", "slow"] | |||
| channels: ["cron", "queue", "slow", "socialNetwork"] | |||
There was a problem hiding this comment.
Is there any benefit to having a custom monolog channel only for social networks?
There was a problem hiding this comment.
yep, you can filter your social network messages in kibana by, e.g.: message: socialNetwork.INFO or message: socialNetwork.ERROR etc. but yes, you can do it same filter by message 🤷🤷♂️🤷♀️. If you don't use filter this way I can remove it
There was a problem hiding this comment.
I don't think this is necessary, but it's up to you
| defaults: { _controller: App\Controller\Front\SocialNetworkController::loginAction } | ||
| path: /social-network/login/{type} | ||
| requirements: | ||
| type: Google|Facebook|Seznam #copy from /packages/framework/src/Model/SocialNetwork/SocialNetworkConfigFactory.php |
There was a problem hiding this comment.
This is another part that you need to edit as a programmer if you want to add/remove any type of login. It would be nice to enable all types (or simply anything) here and check enabled types directly in controller
There was a problem hiding this comment.
changed in 68ae66f
| @@ -0,0 +1,80 @@ | |||
| <?php | |||
There was a problem hiding this comment.
Can we move this controller into the Framework package? I know that this is primarily used for Frontend, but I don't see any benefit to having this class in project-base. This file will probably not be edited on projects.
| const [socialNetworkLoginFacebook, socialNetworkLoginGoogle, socialNetworkLoginSeznam] = | ||
| getInternationalizedStaticUrls( | ||
| [ | ||
| { url: '/social-network/login/:type', param: 'Facebook' }, | ||
| { url: '/social-network/login/:type', param: 'Google' }, | ||
| { url: '/social-network/login/:type', param: 'Seznam' }, | ||
| ], | ||
| url, | ||
| ); |
There was a problem hiding this comment.
It would be nice to provide those data in SettingsQuery. Now you have to synchronize FE and BE separately. What if some project will want to have social logins only on some domains? Then you need to duplicate logic on both sides.
|
|
||
| /** | ||
| * @param \App\Model\Customer\User\CustomerUser $customerUser | ||
| * @return array{accessToken: string, refreshToken: string} | ||
| */ | ||
| public function loginAndReturnAccessAndRefreshToken(CustomerUser $customerUser): array | ||
| { | ||
| $deviceId = Uuid::uuid4()->toString(); | ||
|
|
||
| return [ | ||
| 'accessToken' => $this->tokenFacade->createAccessTokenAsString($customerUser, $deviceId), | ||
| 'refreshToken' => $this->tokenFacade->createRefreshTokenAsString($customerUser, $deviceId), | ||
| ]; | ||
| } |
There was a problem hiding this comment.
This can be moved to the parent class.
| @@ -61,4 +64,25 @@ public function createWithArgument(Argument $argument): RegistrationData | |||
|
|
|||
| return $registrationData; | |||
| } | |||
|
|
|||
There was a problem hiding this comment.
It seems like you should be able to move this file into the Framework package easily. If you do that it will be easier to maintain this file for us.
| @@ -0,0 +1,63 @@ | |||
| <?php | |||
There was a problem hiding this comment.
This file should be in the Framework bundle as well.
|
|
||
| namespace Shopsys\FrameworkBundle\Model\SocialNetwork\Exception; | ||
|
|
||
| interface SocialNetworkExceptionInterface |
There was a problem hiding this comment.
this interface in not necessary (we do not create the interfaces anymore, unless there is a valid use-case which I do not see here)
There was a problem hiding this comment.
deleted in 68ae66f
|
|
||
| class SocialNetworkConfigFactory | ||
| { | ||
| public const PROVIDER_GOOGLE = 'Google'; |
There was a problem hiding this comment.
| public const PROVIDER_GOOGLE = 'Google'; | |
| public const string PROVIDER_GOOGLE = 'Google'; |
| class SocialNetworkConfigFactory | ||
| { | ||
| public const PROVIDER_GOOGLE = 'Google'; | ||
| public const PROVIDER_FACEBOOK = 'Facebook'; |
There was a problem hiding this comment.
| public const PROVIDER_FACEBOOK = 'Facebook'; | |
| public const string PROVIDER_FACEBOOK = 'Facebook'; |
| { | ||
| public const PROVIDER_GOOGLE = 'Google'; | ||
| public const PROVIDER_FACEBOOK = 'Facebook'; | ||
| public const PROVIDER_SEZNAM = 'Seznam'; |
There was a problem hiding this comment.
| public const PROVIDER_SEZNAM = 'Seznam'; | |
| public const string PROVIDER_SEZNAM = 'Seznam'; |
| * @param string $seznamClientId | ||
| * @param string $seznamClientSecret | ||
| */ | ||
| public function __construct( |
There was a problem hiding this comment.
TBH, I am not a fan of this solution...I think it is not ideal for future extensions and adding more providers.
I have an idea that I would like to discuss - what about creating a configuration yaml in project-base that would be loaded here and processed? It could look like this:
parameters:
social_network_login_config:
providers:
google:
enabled: true
id: '%env(GOOGLE_CLIENT_ID)%'
secret: '%env(GOOGLE_CLIENT_SECRET)%'
facebook:
enabled: true
id: '%env(FACEBOOK_CLIENT_ID)%'
secret: '%env(FACEBOOK_CLIENT_SECRET)%'
...Then, SocialNetworkConfigFactory construct would accept just the config array:
public function __construct(array $socialNetworkLoginConfig)
services.yaml:
Shopsys\FrameworkBundle\Model\SocialNetwork\SocialNetworkConfigFactory:
arguments:
$socialNetworkLoginConfig: '%social_network_login_config%'
The SocialNetworkConfigFactory::createConfig() method would dynamically create the config from the input array or the factory would not be needed anymore if the array in the yaml file is defined precisely 🤔 When typing this comment, I realized this is something I would expect from a Symfony bundle so I tried to search the bundle and I found this - https://github.com/ITLized/social - it seems like it is not maintained but the idea with the config in yaml was implemented there 🤔
There was a problem hiding this comment.
If config in yaml, I would rather create a true framework bundle config than use parameters and have to validate them by hand – you can see inspiration in 9636a0f
There was a problem hiding this comment.
@grossmannmartin Honestly, solution from Rosta seems to me better because creating "yaml configuration" (or how to name it) is not good with this solution because with configuration you tell what can be used and what is expected will come. This library for login by social network has many solutions and I can't all of them solve + if library whatever change you have to update your configuration ++ if on project you need to do something that is not expected you have to edit this configuration too. Because I don't think creating configuration is not good solution and I accept solution of creating only yaml file where I will send only config as array as Rosta suggest.
Do you agree or do you want to call so I can better describe issue with configuration solution? 🙏
There was a problem hiding this comment.
changed by discussion and suggestion by Rosta, see 68ae66f. After discussion, I take it's OK now, if not let me know
| * @param \Hybridauth\User\Profile $profile | ||
| * @return \App\Model\Customer\User\RegistrationData | ||
| */ | ||
| public function createFromSocialNetworkProfile(Profile $profile): RegistrationData |
There was a problem hiding this comment.
this should be implemented in the framework package 😇
| $registrationData->street = ''; | ||
| $registrationData->city = ''; | ||
| $registrationData->postcode = ''; | ||
| $registrationData->country = $countries[0]; |
There was a problem hiding this comment.
I know this is an edge case but what if there is no enabled country on a domain?
There was a problem hiding this comment.
as we discussed, It's very little edge case and it will be solved in next follow-up task
| $registrationData->city = ''; | ||
| $registrationData->postcode = ''; | ||
| $registrationData->country = $countries[0]; | ||
| $registrationData->password = $this->hashGenerator->generateHashWithoutConfusingCharacters(CustomerUserPasswordFacade::MINIMUM_PASSWORD_LENGTH); |
There was a problem hiding this comment.
When the password policy is changed on a project (e.g. special characters are required), this implementation might be a problem, right? Even at this moment, it feels like it might lead to quite weak passwords 🤔 Let's discuss it, please
| * @param \App\Model\Customer\User\CustomerUser $customerUser | ||
| * @return array{accessToken: string, refreshToken: string} | ||
| */ | ||
| public function loginAndReturnAccessAndRefreshToken(CustomerUser $customerUser): array |
There was a problem hiding this comment.
it should not be in project-base 🙂 Moreover, I do not feel like putting this functionality into the existing LoginAsUserFacade - the class is used when you need to login administrator as a user. IMHO it is worth creating a separate class for your purpose. But we can discuss it if you want
There was a problem hiding this comment.
fixed in 313cf3c as we agreed
| @@ -42,7 +42,7 @@ server { | |||
| fastcgi_param SCRIPT_FILENAME $realpath_root/resolveFriendlyUrl.php; | |||
| } | |||
|
|
|||
| location ~ ^\/(admin|public|content(-test)?|ckeditor|build|bundles|graphql|_profiler|_wdt|file|redirect|elfinder|efconnect|personal-overview-export|codeception-acceptance-test|_error) { | |||
| location ~ ^\/(admin|public|content(-test)?|ckeditor|build|bundles|graphql|_profiler|_wdt|file|redirect|elfinder|efconnect|personal-overview-export|codeception-acceptance-test|_error|social-network) { | |||
There was a problem hiding this comment.
https://github.com/shopsys/deployment/blob/main/kubernetes/configmap/nginx.yaml needs to be edited in the same manner.
Then, you need to release a new version of the deployment package and require it in your composer.json
We can discuss this as well 😉
sebaholesz
force-pushed
the
pt-login-with-social-media
branch
from
f5bccb8
to
19f354e
Compare
sebaholesz
force-pushed
the
pt-login-with-social-media
branch
from
5ebff2b
to
68a3d85
Compare
| */ | ||
| public function loginAction(Request $request, string $type): Response | ||
| { | ||
| if (in_array($type, SocialNetworkConfigFactory::ALLOWED_PROVIDERS, true) === false) { |
There was a problem hiding this comment.
Why are you checking types agains some hard defined array instead of checking if type is in social_network_login_config configuration?
I would like to see that if you want to add for example Apple ID, you can do that just by configuration (and probably you will have to add some images to SF) but thats all. I don't like the idea when you have configuration for some service and then you have same information somewhere in codebase
There was a problem hiding this comment.
hmm it true, it's not necessary check type, that library will throw exception if you send something not supported or disabled or..., deleted in 7f060b7
sspooky13
force-pushed
the
pt-login-with-social-media
branch
7 times, most recently
from
3c8f547
to
7e6490e
Compare
sspooky13
force-pushed
the
pt-login-with-social-media
branch
from
7e6490e
to
f17b28a
Compare
- additionally refactored login form - this relates to both the login popup and login page
…ode can be nullable
sspooky13
force-pushed
the
pt-login-with-social-media
branch
from
2bbd21c
to
c37810c
Compare
🌐 Live Preview: