Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Added Authentication #237

Merged
merged 33 commits into from
Jun 11, 2024
Merged

Added Authentication #237

merged 33 commits into from
Jun 11, 2024

Conversation

Corepex
Copy link
Contributor

@Corepex Corepex commented May 6, 2024
edited
Loading

Changes in this pull request

Resolves #110
Related to pimcore/studio-backend-bundle#91

@Corepex Corepex self-assigned this May 6, 2024
@Corepex
Copy link
Contributor Author

Corepex commented May 8, 2024
edited
Loading

Where / How to store the token?

  • in the localstorage of the browser. CSP, Fingerprinting etc. will help us to protect the secrets

How will the token be refreshed?

  • via setInterval - (lifetime - 80% = refresh) -> save deadline (in unix) to store on login/refresh

Corepex and others added 12 commits May 14, 2024 10:03
@Corepex
added a punch of auth related stuff i cant describe
65f62b0
@Corepex
Merge remote-tracking branch 'origin/110-authentication' into 110-aut…
dc4ec5d 
…hentication
@Corepex
added unified middleware to layouts
173b5bc
@Corepex
build files
026bb78
@Corepex
removed cookies from prepareHeaders
4179f95
@Corepex
Merge branch '1.x' into 110-authentication
1106b9f 
# Conflicts:
#	assets/js/src/app/api/pimcore/index.ts
#	assets/js/src/modules/app/global-provider.tsx
#	assets/package.json
#	public/build/entrypoints.json
#	public/build/manifest.json
#	public/core-dll/fonts/Lato-Bold.636be8de.ttf
#	public/core-dll/fonts/Lato-Light.c7400fca.ttf
#	public/core-dll/fonts/Lato-Regular.9d883d54.ttf
#	src/Controller/DefaultController.php
@Corepex
moved files due to structure change in 1.x
a52f6f5
@Corepex
added jsdoc, removed logline
7b8eae9
@Corepex
added package-lock.json
e405a6f
@Corepex
build files
889156c
@Corepex @github-actions
Apply eslint-fixer changes
e9799c5
@Corepex @github-actions
Automatic frontend build
5550265
@Corepex
Copy link
Contributor Author

Corepex commented May 14, 2024
edited
Loading

Note:

This PR doesn't include the final security concept since it's not finalized yet.
It also doesn't include a refresh interval for the token.

Keep an eye on the follow-up PRs 💯 🍾

@Corepex Corepex marked this pull request as ready for review May 14, 2024 13:02
@Corepex Corepex requested a review from vin0401 May 14, 2024 13:03
@vin0401
Copy link
Collaborator

vin0401 commented May 21, 2024
edited
Loading

I have to admit that the folder structure confuses me a bit and makes it hard to see how the things are connected.
My suggestion would be the following:

app/
  router/
    router.ts // <- takes care of the route handling. Maybe also offers the possibility to register routes early on before the are processed by the createBrowserRouter. 
   
components
   // if any presentational or purely UI components are available place them here.

modules/
  app/
    default-page.ts // new suffix -page to indicate a react component that is registered via module as a page.
  auth/
    login-page.ts
    // everything related to the auth module. Mostly the parts under componets/login-form
    // and also the auth-slice should go here. That way we can group all files based on the feature.

@vin0401
Copy link
Collaborator

vin0401 commented Jun 11, 2024

Any updates due to the folder structure?
For me it still would make sense to group everything by feature in a new module called "auth": #237 (comment)

This was referenced Jun 11, 2024
Merged
Merged
@sonarcloud SonarCloud
Copy link

sonarcloud bot commented Jun 11, 2024

Quality Gate Passed Quality Gate passed

Issues
4 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

@Corepex Corepex merged commit 8279e68 into 1.x Jun 11, 2024
11 checks passed
@Corepex Corepex deleted the 110-authentication branch June 11, 2024 10:43
@github-actions github-actions bot locked and limited conversation to collaborators Jun 11, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@vin0401 vin0401 vin0401 approved these changes

Assignees

@Corepex Corepex

Labels
New Feature
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Authentication
2 participants
@Corepex @vin0401