Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

API Remove ALC renewal, tweak extension point #11355

Open
wants to merge 1 commit into
base: 6
Choose a base branch
from
Open

API Remove ALC renewal, tweak extension point #11355

wants to merge 1 commit into from

Conversation

Cheddam
Copy link
Member

@Cheddam Cheddam commented Aug 30, 2024
edited by GuySartorelli
Loading

Description

The ALC token is no longer rotated during an active login. Also removed related replace_token_during_session_renewal config. The extension point that was previously provided in the renew() method has been renamed and is now triggered externally in the CookieAuthenticationHandler::authenticateRequest() method.

Co-dependent on related Login Session PR: silverstripe/silverstripe-session-manager#214

Manual testing steps

Checkout this PR along with the Session Manager PR and validate that remember me functionality is intact.

Issues

Pull request checklist

  • The target branch is correct
  • All commits are relevant to the purpose of the PR (e.g. no debug statements, unrelated refactoring, or arbitrary linting)
    • Small amounts of additional linting are usually okay, but if it makes it hard to concentrate on the relevant changes, ask for the unrelated changes to be reverted, and submitted as a separate PR.
  • The commit messages follow our commit message guidelines
  • The PR follows our contribution guidelines
  • Code changes follow our coding conventions
  • This change is covered with tests (or tests aren't necessary for this change)
  • Any relevant User Help/Developer documentation is updated; for impactful changes, information is added to the changelog for the intended release
  • CI is green

This was referenced Aug 30, 2024
Open
Open
@GuySartorelli
Copy link
Member

Can you please rebase the PR? I think some of the CI failures are unrelated, but nothing's failing on a normal 6 run

@Cheddam Cheddam force-pushed the pulls/6/remove-alc-token-regeneration branch from 375fd51 to b497c3d Compare September 19, 2024 02:24
@Cheddam
Copy link
Member Author

Cheddam commented Sep 19, 2024

@GuySartorelli Apologies for the wait on this one - I've rebased, and we're seeing the same error. Pretty sure this is valid - without the related change to the Session Manager module in place, it's no longer tweaking the session ID and therefore can't retain the logged in state correctly.

@GuySartorelli
Copy link
Member

GuySartorelli commented Sep 25, 2024
edited
Loading

Apologies for the wait on this one

No worries, the beta isn't until January so we've got plenty of time to get this in.

Pretty sure this is valid

Just to clarify what you mean by that - do you mean "the CI failure is valid - it's a result of this PR"? Or "This PR is valid, the CI failure is unrelated"?

@Cheddam
API Remove ALC renewal, tweak extension point
4b6c248 
The ALC token is no longer rotated during an active login. Also removed related
`replace_token_during_session_renewal` config. The extension point that was
previously provided in the `renew()` method has been renamed and is now triggered
externally in the `CookieAuthenticationHandler::authenticateRequest()` method.
@Cheddam Cheddam force-pushed the pulls/6/remove-alc-token-regeneration branch from b497c3d to 4b6c248 Compare October 1, 2024 03:55
@GuySartorelli
Copy link
Member

@Cheddam Just checking in on this one - still not sure what you meant above?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@Cheddam @GuySartorelli