Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Utilize Warden Redirect #80

Merged
merged 8 commits into from
Jun 9, 2024
Merged

Utilize Warden Redirect #80

merged 8 commits into from
Jun 9, 2024

Conversation

strouptl
Copy link
Collaborator

This PR utilizes the native Warden "redirect!" method to redirect users from the sign in form to the OTP challenge without signing in. Benefits of this approach include:

  • Eliminates artifical login/logout in the "create_otp_session" method;
  • Avoides destroying the Warden session (which eliminates the need for getting/resetting the redirect location);
  • Ensures that trackakable fields are only updated after entering OTP credentials;
  • Removes the Sessions hook in general in conjunction with PR's Fix Mandatory OTP Issue #78, and Refresh Credentials Hook #79

NOTE: tests are failing, as the above PR's must be merged first.

This was referenced May 25, 2024
Closed
Closed
@strzibny
Copy link
Collaborator

Please rebase

@strouptl
Copy link
Collaborator Author

Hi @strzibny, the tests on this branch are still failing for some reason. I will let you know when I get them resolved.

@strouptl strouptl mentioned this pull request Jun 4, 2024
Merged
@strouptl
Copy link
Collaborator Author

strouptl commented Jun 4, 2024

@strzibny, I have a solution for this in PR #82. If you could merge PR's #81 and #82 first, then I will rebase and merge this final PR to closeout the Trackable field issues in Issue 71.

@strzibny
Copy link
Collaborator

strzibny commented Jun 4, 2024

Okay, please rebase to master. I'll do more testing of this after. After that I could cut a new release with the changes.

@strouptl
Copy link
Collaborator Author

strouptl commented Jun 4, 2024

OK, I have rebased. It is ready for you.

@strouptl strouptl force-pushed the warden_redirect branch 2 times, most recently from 6687f16 to 4a4da49 Compare June 5, 2024 09:47
@strzibny
Copy link
Collaborator

strzibny commented Jun 9, 2024

Please rebase again

strouptl added 8 commits June 10, 2024 02:48
@strouptl
Update DatabaseAuthenticatable strategy to redirect successful authen…
b39207e 
…tications directly to OTP Credentials controller rather than logging in; delete Sessions hook with overwritten logout/login "create_session" method (no longer needed);
@strouptl
Refactor DatabaseAuthenticatable strategy;
e1ad83e
@strouptl
- Reimplement skip_challenge functionality via otp_credentials_contro…
deacf0c 
…ller;

- Move challenge, recovery, and resource variables to filters for easier reference;
- Unnest "challenge" and "recovery" fields in form params for consistency between show and update actions;
@strouptl
add entry to CHANGELOG;
3954cc3
@strouptl
add test to ensure that trackable fields are not updated until after …
2bb9693 
…entering user token when OTP is enabled;
@strouptl
add test to ensure normal trackable functionality for disabled OTP;
34a7154
@strouptl
unnest token field in form to match challenge and recovery fields;
5939713
@strouptl
update CHANGELOG with changes;
ba69eba
@strouptl
Copy link
Collaborator Author

strouptl commented Jun 9, 2024

Done.

@strzibny strzibny merged commit fb78aa6 into wmlele:master Jun 9, 2024
1 check passed
@strouptl strouptl deleted the warden_redirect branch November 19, 2024 17:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@strouptl @strzibny