Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Decouple IdentityHandler from Authenticator #64

Open
dakur opened this issue Mar 29, 2022 · 1 comment
Open

Decouple IdentityHandler from Authenticator #64

dakur opened this issue Mar 29, 2022 · 1 comment

Comments

@dakur
Copy link
Contributor

dakur commented Mar 29, 2022

We use custom authenticators (independent on Nette\Security\Authenticator interface) which produce instances of Nette\Security\IIdentity so that it can be used for User#login($identity) afterwards. Inside of the identity, there is an object which need to be (de)serialized in a special way. IdentityHandler seems perfect for this job.

Sadly, in current implementation, IdentityHandler is only applied if it's implemented within Authenticator, but not standalone. As a workaround, I can:

  • create fake authenticator implementing the Nette one and IdentityHandler as well (see below)
  • don't use User at all

Example of fake authenticator:

class Authenticator implements \Nette\Security\Authenticator
{
    public function authenticate(...)
    {
        throw new Exception('Don\'t use me for authentication');
    }

    public function sleepIdentity(...) { ... } // real work
    public function wakeupIdentity(...) { ... } // real work

Suggestion

Support IdentityHandler on its own with a configuration param. User will require it from DI then.

namespace App;

class IdentityHandler implements \Nette\Security\IdentityHandler
{
    public function sleep(...) { ... } // real work
    public function wakeup(...){ ... } // real work
}
security:
    identityHandler: App\IdentityHandler
@dakur dakur changed the title Decouple IdentityHandler from Authenticator – make it a service Decouple IdentityHandler from Authenticator Mar 29, 2022
@jkuchar
Copy link

jkuchar commented Mar 30, 2022

Actually all what is needed is to receive IdentityHandler here as a separate service from DI.

There is no BC break, as there was only one IdentityHandler & Authenticator it will return the same class anyway. :-)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants