Auth component #183

Draft
wants to merge 7 commits into
base: master

@Juhlinus Juhlinus commented Jan 21, 2021

This is a WIP for the auth component.

The only thing I've tested as of yet is that the user object is returned from calling user() on the AuthManager, which returns the object correctly.

Next step is to hook it up with a router and check that it works with the middleware.

Any help, testing or feedback is appreciated!

Todo

  • Persistent authenticated user throughout requests.
  • Current authenticated user bound to container
  • Gates
  • Policies

@Juhlinus
Author

It seems that when the authentication check is called in \Illuminate\Auth\GuardHelpers from the Illuminate\Auth\Middleware\Authenticate middleware, the user has not been set.

It does not seem to be related to anything with the session. I tried dumping out the app session id, and the one being used in the trait, and they have the same id.

Any ideas @Gummibeer, @mattstauffer?

@Gummibeer
Contributor

Without checking the code I assume something related to the container - singleton, binding and so on.
But I would have to deep dive into this component for a more precise answer.

@Juhlinus
Author

Session is now persisted and bound to the request as it should.

Next step is checking gates, and other fun auth features.

@Juhlinus
Author

@mattstauffer Hi Matt!

Do you think this PR fits into your vision of Torch-components? It is pretty hefty, requiring multiple components and is perhaps not as loosely coupled as some of the other components.

It personally fits my needs though, since I want to integrate as much of the Illuminate components as possible until a point is reached where we can just lift over everything to Laravel.

Thoughts?

@Gummibeer
Contributor

I think that if you do it anyway - do it.
Torch isn't a package you pull in but documentation on how to do it on your own. So I think there's no reason against it.

@Juhlinus
Author

> I think that if you do it anyway - do it.
> Torch isn't a package you pull in but documentation on how to do it on your own. So I think there's no reason against it.

That's what my reasoning was as well. What I was pondering was if I should create a separate repo that Torch could link to instead with a disclaimer or something like that.

@Gummibeer
Contributor

All these components aren't the best code - all only spaghetti. And there are already some complex ones like the view or schedule.

The auth could be interesting to separate into stateful and stateless. As I'm not sure if the stateless is also that complex? 🤔

There's for example also a middleware component already. So possibly you could slim the auth part a bit down?

Personally I think that the current setup is too complex as it has all kinds of usage in it instead of only initializing the component in a usable way as most other components do.
They only init the component and show one call to it. If you want to show all cases it could be multiple components. As authentication and authorization are definitely two different things.

@osbre

osbre commented Jun 27, 2024

Extremely basic auth attempt:

<?php

require_once __DIR__ . '/vendor/autoload.php';

use Illuminate\Config\Repository;
use Illuminate\Container\Container;
use Illuminate\Cookie\CookieJar;
use Illuminate\Database\Capsule\Manager as Capsule;
use Illuminate\Events\Dispatcher;
use Illuminate\Hashing\BcryptHasher;
use Illuminate\Auth\AuthManager;
use Illuminate\Http\Request;
use Illuminate\Session\SessionManager;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Contracts\Auth\Authenticatable as AuthenticatableContract;
use Illuminate\Auth\Authenticatable;

class User extends Model implements AuthenticatableContract
{
    use Authenticatable;

    protected $guarded = [];
    protected $hidden = ['password', 'remember_token'];
}

$container = new Container;

$capsule = new Capsule;
$capsule->addConnection([
    'driver'    => 'pgsql',
    'host'      => '127.0.0.1',
    'database'  => 'demolaravel',
    'username'  => 'postgres',
    'password'  => 'postgres',
    'charset'   => 'utf8',
    'collation' => 'utf8_unicode_ci',
    'prefix'    => '',
]);
$capsule->setAsGlobal();
$capsule->bootEloquent();

$container['config'] = new Repository(require __DIR__ . '/config.php');
$container['cookie'] = fn($container) => (new CookieJar)->setDefaultPathAndDomain(
    $container['config']['session.path'],
    $container['config']['session.domain'],
    $container['config']['session.secure'],
    $container['config']['session.same_site'] ?? null
);
$container['session'] = fn($container) => new SessionManager($container);
$container['session.store'] = fn($container) => $container['session']->driver();
$container['hash'] = fn() => new BcryptHasher;
$container['request'] = fn() => Request::createFromGlobals();
$container['auth'] = fn($container) => new AuthManager($container);
$container['auth.driver'] = fn($container) => $container['auth']->guard();
$container['events'] = fn($container) => new Dispatcher($container);
$container['db'] = fn($container) => $capsule->getDatabaseManager();

$auth = $container['auth']->guard('web');

if ($auth->attempt(['email' => '[email protected]', 'password' => 'secret'])) {
    echo 'Logged in';
} else {
    echo 'Not logged in';
}

And config.php:

<?php

return [
    'auth'    => [
        'defaults'  => [
            'guard'     => 'web',
            'passwords' => 'users',
        ],
        'guards'    => [
            'web' => [
                'driver'   => 'session',
                'provider' => 'users',
            ],
        ],
        'providers' => [
            'users' => [
                'driver' => 'eloquent',
                'model'  => User::class,
            ],
        ],
        'passwords' => [
            'users' => [
                'provider' => 'users',
                'table'    => 'password_resets',
                'expire'   => 60,
            ],
        ],
    ],
    'session' => [
        'driver'   => 'cookie',
        'lifetime' => 120,
        'path'     => '/',
        'domain'   => null,
        'secure'   => false,
    ],
];
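
As an added example (not part of the comment above or of the Torch code): a small check over the `session` array of a `config.php` like the one posted, flagging cookie settings that weaken a session guard. `auditSessionConfig()` is a hypothetical helper, `http_only` and `same_site` are Laravel session config keys that the posted config omits, and the hardened variant's `file` driver is an assumption.

```php
<?php
// Added example, not from the PR. auditSessionConfig() is a hypothetical helper;
// 'http_only' and 'same_site' are Laravel session config keys absent from the posted config.

function auditSessionConfig(array $session): array
{
    $findings = [];
    $secure   = !empty($session['secure']);
    $sameSite = strtolower((string) ($session['same_site'] ?? ''));

    if (!$secure) {
        $findings[] = 'secure: disabled, the session cookie is also sent over plain HTTP';
    }
    if (($session['http_only'] ?? null) !== true) {
        $findings[] = 'http_only: not set to true, set it so scripts cannot read the cookie';
    }
    if (!in_array($sameSite, ['lax', 'strict', 'none'], true)) {
        $findings[] = 'same_site: unset, cross-site behaviour is left to browser defaults';
    } elseif ($sameSite === 'none' && !$secure) {
        $findings[] = 'same_site: "none" without secure is rejected by current browsers';
    }
    if (($session['driver'] ?? '') === 'cookie') {
        // The cookie driver keeps the whole session payload client-side.
        $findings[] = 'driver: cookie, payload is client-held and needs cookie encryption';
    }

    return $findings;
}

// Constructed input: the session block as posted in config.php above.
$posted = ['driver' => 'cookie', 'lifetime' => 120, 'path' => '/', 'domain' => null, 'secure' => false];

// Constructed input: a hardened variant (the server-side file driver is an assumption
// and needs its own storage path configured).
$hardened = ['driver' => 'file', 'lifetime' => 120, 'path' => '/', 'domain' => null,
             'secure' => true, 'http_only' => true, 'same_site' => 'lax'];

foreach (['posted' => $posted, 'hardened' => $hardened] as $name => $cfg) {
    $findings = auditSessionConfig($cfg);
    echo $name, ': ', $findings ? implode('; ', $findings) : 'no findings', PHP_EOL;
}
```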
