Merge pull request #3 from lbausch/develop

Version 0.2.0

Author: lbausch

.github/workflows/tests.yml

@@ -22,7 +22,7 @@ jobs:
     strategy:
       fail-fast: true
       matrix:
-        php: [7.2, 7.3, 7.4]
+        php: [7.3, 7.4]
         stability: [prefer-lowest, prefer-stable]
 
     name: PHP ${{ matrix.php }} - ${{ matrix.stability }}

README.md

@@ -2,8 +2,6 @@
 
 ![tests](https://github.com/lbausch/flarum-laravel-session/workflows/tests/badge.svg) [![codecov](https://codecov.io/gh/lbausch/flarum-laravel-session/branch/master/graph/badge.svg)](https://codecov.io/gh/lbausch/flarum-laravel-session)
 
-**Disclaimer**: This package is still a proof of concept.
-
 - [What It Does](#what-it-does)
 - [Requirements](#requirements)
 - [Installation and Configuration](#installation-and-configuration)
@@ -14,17 +12,17 @@
   - [Disable Cookie Encryption](#disable-cookie-encryption)
 - [Usage](#usage)
   - [Setup Middleware](#setup-middleware)
-  - [Updating Attributes](#updating-attributes)
-- [Accessing Session Cookie From Different Domain](#accessing-session-cookie-from-different-domain)
+  - [Handle An Identified User](#handle-an-identified-user)
+- [Accessing Flarum Session Cookie From Different Domain](#accessing-flarum-session-cookie-from-different-domain)
 
 ## What It Does
 This package allows to use the session of [Flarum](https://flarum.org/) for authentication within a Laravel application.
 It accesses Flarum's session cookie and reads the session data from the session storage.
-Based on the user information in the Flarum database an user in the Laravel application is created / updated and logged in.
+Based on the user information in the Flarum user database an user in the Laravel application is created / updated and logged in.
 
 ## Requirements
-+ PHP 7.2+
-+ Laravel 7
++ PHP 7.3+
++ Laravel 8
 + Working installation of Flarum in the same filesystem as the Laravel application, so Flarum's session files can be read
 + Flarum and Laravel need to share the same domain / subdomain, so Flarum's session cookie can be accessed
 
@@ -37,7 +35,7 @@ composer require lbausch/flarum-laravel-session
 ```
 
 ### Register Middleware
-Register the middleware in `app/Http/Kernel.php`:
+Register the `\Bausch\FlarumLaravelSession\FlarumSessionMiddleware` middleware in `app/Http/Kernel.php`:
 ```php
 /**
  * The application's route middleware.
@@ -104,13 +102,48 @@ Route::middleware(['flarum'])->group(function () {
     });
 });
 ```
+All requests to the `/` route will then be checked by the middleware.
+
+### Handle An Identified User
+Once the middleware successfully identified an user, it executes the default handler `\Bausch\FlarumLaravelSession\Actions\HandleIdentifiedUser`. You may configure a different handler by calling `FlarumLaravelSession::handleIdentifiedUser()` in a service provider. This is a perfect place to update attributes or execute further actions, just remember to implement the `\Bausch\FlarumLaravelSession\Contracts\FlarumUserIdentified` interface.
+Have a look at the default handler for a reference implementation.
 
-### Updating Attributes
-Attributes which are updated upon a successful authentication can be specified by modifying the array `update_attributes` in `config/flarum.php`.
-To track the relationship between your local user and the Flarum user, you may add a column `flarum_id` to your users table.
+```php
+<?php
+
+namespace App\Providers;
+
+use Illuminate\Support\ServiceProvider;
+use Bausch\FlarumLaravelSession\FlarumLaravelSession;
+use App\Handlers\YourCustomHandler;
+
+class AppServiceProvider extends ServiceProvider
+{
+    /**
+     * Register any application services.
+     *
+     * @return void
+     */
+    public function register()
+    {
+        //
+    }
+
+    /**
+     * Bootstrap any application services.
+     *
+     * @return void
+     */
+    public function boot()
+    {
+        FlarumLaravelSession::handleIdentifiedUser(YourCustomHandler::class);
+    }
+}
+```
 
+If you need to use a different user model than `App\Models\User`, you may call `FlarumLaravelSession::useUserModel(YourUser::class);` in your service provider.
 
-## Accessing Session Cookie From Different Domain
+## Accessing Flarum Session Cookie From Different Domain
 If Flarum is running on domain.tld and Laravel on sub.domain.tld you need to configure Flarum (`config.php`), so the session cookie can be accessed on the subdomain:
 ```php
 // Note the dot before domain.tld

composer.json

@@ -22,16 +22,16 @@
         }
     ],
     "require": {
-        "php": "^7.2",
-        "illuminate/auth": "^7.0",
-        "illuminate/filesystem": "^7.0",
-        "illuminate/http": "^7.0",
-        "illuminate/session": "^7.0",
-        "illuminate/support": "^7.0"
+        "php": "^7.3",
+        "illuminate/auth": "^8.0",
+        "illuminate/filesystem": "^8.0",
+        "illuminate/http": "^8.0",
+        "illuminate/session": "^8.0",
+        "illuminate/support": "^8.0"
     },
     "require-dev": {
-        "orchestra/testbench": "^5.3",
-        "phpunit/phpunit": "8.*"
+        "orchestra/testbench": "^6.0",
+        "phpunit/phpunit": "9.*"
     },
     "autoload": {
         "psr-4": {

config/flarum.php

@@ -6,11 +6,6 @@
      */
     'url' => env('FLARUM_URL'),
 
-    /*
-     * Model which is authenticatable
-     */
-    'model' => config('auth.providers.users.model', App\User::class),
-
     /*
      * Flarum session configuration
      */
@@ -30,13 +25,4 @@
      * Flarum database connection as defined in config/database.php
      */
     'db_connection' => env('FLARUM_DB_CONNECTION', 'flarum'),
-
-    /*
-     * Attributes to update upon successful authentication: Flarum user => local user
-     */
-    'update_attributes' => [
-        'username' => 'username',
-        'id' => 'flarum_id',
-        'email' => 'email',
-    ],
 ];

src/Actions/HandleIdentifiedUser.php

@@ -0,0 +1,87 @@
+<?php
+
+namespace Bausch\FlarumLaravelSession\Actions;
+
+use Bausch\FlarumLaravelSession\Contracts\FlarumUserIdentified;
+use Bausch\FlarumLaravelSession\FlarumLaravelSession;
+use Closure;
+use Illuminate\Container\Container;
+use Illuminate\Foundation\Auth\User;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Str;
+
+class HandleIdentifiedUser implements FlarumUserIdentified
+{
+    public function __invoke(object $flarum_user, Request $request, Closure $next)
+    {
+        // Find the corresponding local user
+        $user = $this->getUser()->where('flarum_id', $flarum_user->id)->first();
+
+        // Create or update the corresponding local user
+        $user = $this->createOrUpdateUser($user, $flarum_user);
+
+        // Login the local user and remember him
+        Auth::login($user, $remember = true);
+
+        return $next($request);
+    }
+
+    /**
+     * Create or update User.
+     *
+     * @param \Illuminate\Foundation\Auth\User $user
+     */
+    protected function createOrUpdateUser(?User $user, object $flarum_user): User
+    {
+        // Get a user instance
+        if (null === $user) {
+            $user = $this->getUser();
+        }
+
+        $user = $this->updateAttributes($user, $flarum_user);
+
+        // Save user
+        if ($user->isDirty()) {
+            $user->save();
+        }
+
+        // Return user
+        return $user;
+    }
+
+    /**
+     * Update attributes.
+     *
+     * @param \Illuminate\Foundation\Auth\User $user
+     */
+    protected function updateAttributes(?User $user, object $flarum_user): User
+    {
+        // Attributes to update: Flarum user => local user
+        $update_attributes = [
+            'username' => 'username',
+            'id' => 'flarum_id',
+            'email' => 'email',
+        ];
+
+        // Update attributes
+        foreach ($update_attributes as $flarum_attribute => $local_attribute) {
+            $user->{$local_attribute} = $flarum_user->{$flarum_attribute};
+        }
+
+        if ($user->isDirty()) {
+            // Set a random password
+            $user->password = bcrypt(Str::random(30));
+        }
+
+        return $user;
+    }
+
+    /**
+     * Get user instance.
+     */
+    protected function getUser(): User
+    {
+        return Container::getInstance()->make(FlarumLaravelSession::userModel());
+    }
+}

src/Contracts/FlarumUserIdentified.php

@@ -0,0 +1,16 @@
+<?php
+
+namespace Bausch\FlarumLaravelSession\Contracts;
+
+use Closure;
+use Illuminate\Http\Request;
+
+interface FlarumUserIdentified
+{
+    /**
+     * Handle an authenticated Flarum user.
+     *
+     * @return mixed
+     */
+    public function __invoke(object $flarum_user, Request $request, Closure $next);
+}

src/FlarumLaravelSession.php

@@ -0,0 +1,45 @@
+<?php
+
+namespace Bausch\FlarumLaravelSession;
+
+use Bausch\FlarumLaravelSession\Contracts\FlarumUserIdentified;
+
+class FlarumLaravelSession
+{
+    /**
+     * The user model that should be used by FlarumLaravelSession.
+     *
+     * @var string
+     */
+    public static $userModel = 'App\\Models\\User';
+
+    /**
+     * Register class that handles actions once a Flarum user has been identified.
+     */
+    public static function handleIdentifiedUser(string $class)
+    {
+        return app()->singleton(FlarumUserIdentified::class, $class);
+    }
+
+    /**
+     * Get the name of the user model used by the application.
+     *
+     * @return string
+     */
+    public static function userModel()
+    {
+        return static::$userModel;
+    }
+
+    /**
+     * Specify the user model that should be used by FlarumLaravelSession.
+     *
+     * @return static
+     */
+    public static function useUserModel(string $model)
+    {
+        static::$userModel = $model;
+
+        return new static();
+    }
+}

src/FlarumSessionMiddleware.php

@@ -2,17 +2,16 @@
 
 namespace Bausch\FlarumLaravelSession;
 
+use Bausch\FlarumLaravelSession\Contracts\FlarumUserIdentified;
 use Closure;
 use Illuminate\Container\Container;
 use Illuminate\Filesystem\Filesystem;
-use Illuminate\Foundation\Auth\User;
 use Illuminate\Http\Request;
 use Illuminate\Session\FileSessionHandler;
 use Illuminate\Session\Store;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Config;
 use Illuminate\Support\Facades\DB;
-use Illuminate\Support\Str;
 
 class FlarumSessionMiddleware
 {
@@ -58,16 +57,11 @@ public function handle(Request $request, Closure $next)
             abort(403);
         }
 
-        // Find the corresponding local user
-        $user = $this->getUser()->where('flarum_id', $flarum_user->id)->first();
+        // Get Handler for handling Flarum user
+        $handler = Container::getInstance()->make(FlarumUserIdentified::class);
 
-        // Create or update the corresponding local user
-        $user = $this->createOrUpdateUser($user, $flarum_user);
-
-        // Login the local user and remember him
-        Auth::login($user, true);
-
-        return $next($request);
+        // Execute handler
+        return $handler($flarum_user, $request, $next);
     }
 
     /**
@@ -90,42 +84,4 @@ protected function getFileSessionHandler(): FileSessionHandler
             $lifetime_minutes
         );
     }
-
-    /**
-     * Create or update User.
-     */
-    protected function createOrUpdateUser(?User $user, object $flarum_user): User
-    {
-        // Get a user instance
-        if (null === $user) {
-            $user = $this->getUser();
-        }
-
-        // Attributes to update: Flarum user => local user
-        $update_attributes = Config::get('flarum.update_attributes', []);
-
-        // Update attributes
-        foreach ($update_attributes as $flarum_attribute => $local_attribute) {
-            $user->{$local_attribute} = $flarum_user->{$flarum_attribute};
-        }
-
-        // Set a random password
-        $user->password = bcrypt(Str::random(30));
-
-        // Save user
-        if ($user->isDirty()) {
-            $user->save();
-        }
-
-        // Return user
-        return $user;
-    }
-
-    /**
-     * Get User instance.
-     */
-    protected function getUser(): User
-    {
-        return Container::getInstance()->make(Config::get('flarum.model'));
-    }
 }