[SecurityBundle] error helper added symfony/symfony#11147 #11324
Conversation
|
Awesome! @i3or1s Can you create a pull request or an issue on the docs to reflect this change (which I'm happy to say will simplify the docs nicely)? Thanks for the nice PR! |
|
Created related issue in Docs symfony/symfony-docs#3996 |
|
|
||
| /** | ||
| * @param bool $clearSession | ||
| * @return string |
There was a problem hiding this comment.
this is wrong. It does not return a string but an AuthenticationException (or null)
There was a problem hiding this comment.
Were you referring to new AuthenticationException($msg)?
There was a problem hiding this comment.
the existing code does not return a string. The request attribute stored in SecurityContextInterface::AUTHENTICATION_ERROR is an AuthenticationException instance, not a string
|
Issues that stof reported have been fixed. |
| * file that was distributed with this source code. | ||
| */ | ||
|
|
||
| namespace Symfony\Component\Security\Core\Util; |
There was a problem hiding this comment.
This should be part of Symfony\Component\Security\Http instead. Core does not depend on HttpFoundation currently.
There was a problem hiding this comment.
Since it is a AuthenticationErrorHelper should it go to Symfony\Component\Security\Http\Authentication?
|
Issues are fixed any news on the PR |
|
👍 |
|
Hi @weaverryan @stof @romainneutron could you check out the PR |
|
|
||
| /** | ||
| * @param bool $clearSession | ||
| * @return null|AuthenticationException |
There was a problem hiding this comment.
I think it's more developer friendly to provide some more documentation comments here.
There was a problem hiding this comment.
Any suggestion on what it should be?
"Retrieves last Authentication Error, if $clearSession is true it will also remove the error form session."?
There was a problem hiding this comment.
"Retrieves last Authentication Error, if $clearSession is true it will also remove the error form session." - this can be read from the code and I don't think we need duplicating it in a comment.
@xabbuh could you explain what kind of a documentation you mean here?
There was a problem hiding this comment.
I would write something like this:
/**
* Returns the last authentication error.
*
* Authentication errors are read from the current request or fom the session. Keeping
* errors in the session may cause issues when calling the method several times cause
* you don't know if the errors has been read before. Therefore, after retrieving the error,
* it is erased by default. If you want to keep the error in the session, you'll have to pass
* false to this method.
*/I know that the method name is quite self-explanatory, but when I look at the generated API documentation I find it useful if there is some more explanation.
There was a problem hiding this comment.
I'm against documenting WHAT the code is doing. It's redundant, since you can read what the code is doing from the code itself... Also, this kind of comments often lie, since people tend to forget to update them.
We should rather explain WHY we're doing something, or document potential pitfalls. Anything that's not self-evident from reading the code.
There was a problem hiding this comment.
Sure, you can have a look at the code. I just think that this isn't a nice experience from the user's (the developer that uses Symfony) point of view. I feel that the best experience is when one just reads the API documentation and you do know how to use a particular class and which implications its usage has.
Given this method, it's useful to know what the clearSession argument is used for, why I should set it to false and what it'll imply if I do that (so maybe my suggestion doesn't fit right how it should be done).
Though I'm not sure if this pull request is the right place to discuss this topic since it's somehow is related to the API documentation as a whole, isn't it?
There was a problem hiding this comment.
You wouldn't be able to use Symfony's API docs this way, as it hardly contains comments of that kind. You're right it starts going out of the scope for this PR ;)
|
Shouldn't this also get a changelog entry? |
| { | ||
| $request = $this->getRequest(); | ||
| $session = $request->getSession(); | ||
| $msg = null; |
There was a problem hiding this comment.
you should rename this local variable. It is not a message
There was a problem hiding this comment.
$authenticationException what do you think about this one?
Added helper that extracts last authentication error and username.
|
Issues have been fixed. This is my first contribution so i am eager to see how it all goes. I apologize if i am breaking some rules on this. |
|
@i3or1s I think you're done 👍 |
|
@i3or1s You're doing great :). You could add a new 2.6.0 CHANGELOG entry to this file: https://github.com/symfony/symfony/blob/master/src/Symfony/Bundle/SecurityBundle/CHANGELOG.md But unless someone sees some other change, we're just waiting for merge (some people are on holiday right now). Thanks! |
|
@weaverryan Should i change Component CHANGELOG.md since class is added there or Bundle one because it is registered there or maybe both? |
|
You also have to update the version of |
Added changelog entry
|
@i3or1s Yes, you should change the dep to |
|
Thank you @i3or1s. |
|
I've fixed the dep in c51f3f3 |
…ls (xabbuh) This PR was merged into the 2.6 branch. Discussion ---------- [Cookbook][Security] document the new AuthenticationUtils | Q | A | ------------- | --- | Doc fix? | no | New docs? | yes (symfony/symfony#11324) | Applies to | 2.6+ | Fixed tickets | #3996 Commits ------- dd7c1dd document the new AuthenticationUtils
Added helper that extracts last authentication error and username.