Skip to content

Utilize Devise Location helpers #109

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

Utilize Devise Location helpers #109

wants to merge 2 commits into from

Conversation

@cpfergus1
Copy link

@cpfergus1 cpfergus1 commented Sep 13, 2022
edited by elia
Loading

Description
Removes #redirect_back_or_default in favor of solidus_auth_devise helper methods

Motivation and Context
The method #redirect_back_or_default and the class user_last_url_storer will be deprecated in Solidus solidusio/solidus#4533 which would break the current build without these changes. SolidusAuthDevise has similar a helper method to #redirect_back_or_default, #stored_spree_user_location_or which was introduced in solidusio/solidus_auth_devise#228 and will be utilized instead.

How Has This Been Tested?
The current test suite covers the changes made in the PR

@cpfergus1 cpfergus1 mentioned this pull request Sep 13, 2022
Merged
7 tasks
kennyadsl
kennyadsl reviewed Sep 15, 2022
View reviewed changes
app/controllers/spree/omniauth_callbacks_controller.rb
if request.env['omniauth.error'].present?
flash[:error] = I18n.t('devise.omniauth_callbacks.failure', kind: auth_hash['provider'], reason: I18n.t('spree.user_was_not_valid'))
redirect_back_or_default(root_url)
redirect_to stored_spree_user_location_or(root_url)
Copy link
Member

@kennyadsl kennyadsl Sep 15, 2022
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This assumes we are using the latest version of solidus_auth_devise, which contains the solidusio/solidus_auth_devise#228 and it's not always true. We should probably make it conditional, isn't it?

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We should always be using the latest solidus_auth_devise as the version number is not specified in the gemspec and it should resolve to the latest I would expect. It is true this would break if the user specified solidus_auth_devise 2.5.4, but I feel like we may want to specify in the gemspec rather than create a conditional here. WDYT?

@cpfergus1
Utilize SolidusAuthDevise redirect helpers
aa75c33 
With the deprecation of #redirect_back_or_default in solidus 4.0,
we can utilize the SolidusAuthDevise helper stored_location_for
to provide the same functionality.
@cpfergus1 cpfergus1 force-pushed the nebulab/remove-redirect-back-or-default branch from 31ed644 to aa75c33 Compare September 19, 2022 09:42
@fthobe
Copy link
Contributor

fthobe commented Jan 8, 2025

@cpfergus1 @kennyadsl

Hey, I climbed down the rabbit hole that is the history of the devise location helpers and understood that the initial PR by @elia caused a lot of trouble reverting and remaking PRs starting with the modification in Solidus #4533 (Deprecate method #redirect_back_or_default ).

Given that we are right now touching auth by restoring solidus_social and touching also starter_frontend for that, wouldn't this be something that we can push through with a new major or is it something that is officially abandoned as a nice to have causing too much trouble?

@elia
Copy link
Member

elia commented Jan 13, 2025

I'm fully in favor of pushing a new major with an explicit dependency on solidus_auth_devise. Most of the extensions secretly assumed it to be there anyway, much better to just state it explicitly. 👍

@fthobe
Copy link
Contributor

fthobe commented Jan 13, 2025

I'm fully in favor of pushing a new major with an explicit dependency on solidus_auth_devise. Most of the extensions secretly assumed it to be there anyway, much better to just state it explicitly. 👍

@kennyadsl is that acceptable for you?

@kennyadsl
Copy link
Member

Yes definitely. Solidus Social could depends on Devise. If anyone needs to build social logins on top of other auth providers, I doubt this gem will be useful anyway.

@fthobe fthobe mentioned this pull request Jan 13, 2025
Merged
@fthobe
Copy link
Contributor

fthobe commented Jan 13, 2025
edited
Loading

@rahulsingh321 this should work out of the box, please integrate into the current PR and test it.

@rahulsingh321
Copy link
Contributor

rahulsingh321 commented Jan 13, 2025
edited
Loading

@rahulsingh321 this should work out of the box, please integrate into the current PR and test it.

@fthobe These changes are reverted here so its not in solidus_auth_devise latest version. Adding this causing failure in the specs to me.

@fthobe
Copy link
Contributor

fthobe commented Jan 20, 2025

@kennyadsl we are waiting on a PR in Devise to offer password complexity implementation in Devise to be merged making many dependencies of devise to set password complexity unneccessary before layong hand on solidus devise. Also MFA is required in many settings by PCI compliance and we would like to look into this issue Inside a larger context of separating admin and user auth to prevent escalations and allow impersonations effectively.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@kennyadsl kennyadsl kennyadsl left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@cpfergus1 @fthobe @elia @kennyadsl @rahulsingh321