Skip to content

add anonymous users support #22

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 3 commits into
base: master
Choose a base branch
from
Open

add anonymous users support #22

wants to merge 3 commits into from

Conversation

htaoufikallah
Copy link

No description provided.

@htaoufikallah
Copy link
Author

htaoufikallah commented Jul 28, 2020
edited
Loading

Hello @bpolaszek, do you have any suggestion to fix those failing checks with --prefer-stable option?

@bpolaszek
Copy link
Owner

Hello @htaoufikallah - thank you for this PR!

I'm currently pretty busy and I can't review this at the very moment, but that's definitely something I wanted to work on.

I'll try to check that out within the next days/weeks, please be patient.

@htaoufikallah
Copy link
Author

No worries @bpolaszek I'll wait, thank you

@bpolaszek
Copy link
Owner

Hello @htaoufikallah, thanks for your patience and for the time you took to improve this library! 🙂

Allowing anonymous users is something that I wanted to do for a while, in order to send notifications to people that did not necessarily sign up to the app. They could be targeted through different, arbitrary attributes than the associated user id (main controller expecting an optional, additional payload of data associated to the subscription).

The main concern that prevented me from doing it, is that it would break existing implementations, because interfaces have to be changed to allow nullable UserInterface (and so do the implementations). There's a disclaimer in the README saying that this lib should not to be considered as stable and changes have to be expected, but a README doesn't prevent a bad composer update and I'd like to avoid breaking things on others' apps as much as possible.

What I notice from your implementation are:

Those issues are legit, however I think we can address them in a different way.
The approach I was just thinking about is to:

  • Leave the existing contracts unchanged: UserInterface remains mandatory.
  • Introduce in the library an AnonymousUser class, marked @internal, implementing Symfony\Component\Security\Core\User\UserInterface (without any Doctrine annotations, because persistence is the implementor's responsibility).
  • 1st lines of BenTools\WebPushBundle\Action\RegisterSubscriptionAction::__invoke become this:
if (!in_array($request->getMethod(), ['POST', 'DELETE'])) {
    throw new MethodNotAllowedHttpException(['POST', 'DELETE']);
}

$data = json_decode($request->getContent(), true);
$subscription = $data['subscription'] ?? [];
$options = $data['options'] ?? [];
$user = $user ?? new AnonymousUser($options); // options being an arbitrary array of data sent by the client

This way, the main controller always provide a valid UserInterface implementation.

  • Provide documentation on how to implement and/or register a UserSubscriptionManagerInterface for AnonymousUser (implementor can match this class against instanceof operators, and deal with the arbitrary data passed by the user agent. This means implementor can either register 2 managers, or 1 for both classes by discriminating user classes under the hood).

Regarding anonymous -> logged-in upgrade:

  • Collisions can already be managed by the implementor with the way they implement UserSubscriptionManagerInterface::hash and UserSubscriptionManagerInterface::factory: you can hash the subscription payload without the user information, and check for an existing anonymous entry when implementing the factory() method.

Unless there's something I didn't spot out, this would help bringing this feature without breaking existing apps.

What do you think?

@htaoufikallah
Copy link
Author

Hello @bpolaszek,
Thanks for taking the time to review this PR I understand your concern very well, which I missed while preparing this PR.
I read your approach many times and I think I understand it very well, so I'll give it a try and I'll update this PR with the required changes 🙂

@bobemoe
Copy link

bobemoe commented Aug 6, 2023

This looks like just what I need. What is stopping it being merged? Happy to help here, I am setting up a new project where I would need this so could test this at the same time?

bpolaszek
bpolaszek requested changes Aug 16, 2023
View reviewed changes
Copy link
Owner

@bpolaszek bpolaszek left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sorry for the delay!
Would you mind implementing default methods of AnonymousUser, i.e. getRoles should return an empty array, etc.

Thanks!
Ben

@htaoufikallah
Copy link
Author

please recheck and let me know if anything need to be done.

@bpolaszek
Copy link
Owner

Approved too fast: missing this in AnonymousUser:

public function getUserIdentifier(): string
{
    return '';
}

This method has been introduced in SF6's UserInterface.

@bpolaszek bpolaszek mentioned this pull request Jul 15, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bpolaszek bpolaszek bpolaszek approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@htaoufikallah @bpolaszek @bobemoe