[Security] Dispatch an event when "logout user on change" steps in #31138
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
1396daf to
452978a
Compare
1129413 to
8f767ee
Compare
linaori
suggested changes
Apr 18, 2019
src/Symfony/Component/Security/Http/Event/LogoutUserChangeEvent.php
Outdated
Show resolved
Hide resolved
8f767ee to
36bb3b2
Compare
|
Status: Needs Review |
linaori
suggested changes
Apr 18, 2019
src/Symfony/Component/Security/Http/Event/LogoutOnChangeEvent.php
Outdated
Show resolved
Hide resolved
36bb3b2 to
b6ad28a
Compare
|
Status: Needs Review |
b6ad28a to
5765f69
Compare
linaori
approved these changes
Apr 18, 2019
|
Thanks @linaori and @noniagriconomie for the review ! |
|
@Simperfit do not forget to update the doc accordingly when PR is finished :) |
95f1071 to
ecdeab8
Compare
|
Reverted my suggestion about allowing to reauthenticate the token from a listener, bad idea. Also renamed to |
xabbuh
reviewed
Apr 27, 2019
|
If we also do not want to rely on the user concept, would it make sense to pass the old and the refreshed token instead of the user? |
b901b0b to
abec9c1
Compare
|
@xabbuh 👍 Changed to |
|
I like |
abec9c1 to
40e4218
Compare
|
Renamed |
|
Thanks for helping me finishing this @chalasr ;). |
xabbuh
requested changes
Apr 28, 2019
xabbuh
approved these changes
Apr 28, 2019
|
Thank you @Simperfit. |
chalasr
pushed a commit
that referenced
this pull request
Apr 28, 2019
…ge" steps in (Simperfit) This PR was merged into the 4.3-dev branch. Discussion ---------- [Security] Dispatch an event when "logout user on change" steps in | Q | A | ------------- | --- | Branch? | master | Bug fix? | no | New feature? | yes <!-- don't forget to update src/**/CHANGELOG.md files --> | BC breaks? | no <!-- see https://symfony.com/bc --> | Deprecations? | no <!-- don't forget to update UPGRADE-*.md and src/**/CHANGELOG.md files --> | Tests pass? | yes <!-- please add some, will be required by reviewers --> | Fixed tickets | #26902 <!-- #-prefixed issue number(s), if any --> | License | MIT | Doc PR | symfony/symfony-docs#11450 <!-- required for new features --> <!-- Write a short README entry for your feature/bugfix here (replace this comment block.) This will help people understand your PR and can be used as a start of the Doc PR. Additionally: - Bug fixes must be submitted against the lowest branch where they apply (lowest branches are regularly merged to upper ones so they get the fixes too). - Features and deprecations must be submitted against the master branch. --> This adds a new event when the user has been changed and has been log out from the apps, it allow someone to register to this event and do something with either to token or the refreshedUser. Commits ------- 40e4218 [Security] Dispatch an event when "logout user on change" steps in
fabpot
reviewed
Apr 29, 2019
| @@ -23,6 +23,7 @@ CHANGELOG | ||
| * Dispatch `SwitchUserEvent` on `security.switch_user` | ||
| * Deprecated `Argon2iPasswordEncoder`, use `SodiumPasswordEncoder` instead | ||
| * Deprecated `BCryptPasswordEncoder`, use `NativePasswordEncoder` instead | ||
| * Added `DeauthenticatedEvent` dispatched in case the user has changed when trying to refresh it |
There was a problem hiding this comment.
I think "it" refers to the Token here. What about "Added DeauthenticatedEvent dispatched in case the user has changed when trying to refresh the token"?
fabpot
reviewed
Apr 29, 2019
| use Symfony\Contracts\EventDispatcher\Event; | ||
|
|
||
| /** | ||
| * Deauthentication happens in case the user has changed when trying to refresh it. |
There was a problem hiding this comment.
Sentence should be changed as well
OskarStark
added a commit
to symfony/symfony-docs
that referenced
this pull request
May 7, 2019
…" steps in (Simperfit) This PR was merged into the master branch. Discussion ---------- [Security] Dispatch an event when "logout user on change" steps in <!-- If your pull request fixes a BUG, use the oldest maintained branch that contains the bug (see https://symfony.com/roadmap for the list of maintained branches). If your pull request documents a NEW FEATURE, use the same Symfony branch where the feature was introduced (and `master` for features of unreleased versions). --> This documents the new event implemented in symfony/symfony#31138 Commits ------- b5e6038 [Security] Dispatch an event when "logout user on change" steps in
Merged
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This adds a new event when the user has been changed and has been log out from the apps, it allow someone to register to this event and do something with either to token or the refreshedUser.