FOSFacebookBundle icon indicating copy to clipboard operation
FOSFacebookBundle copied to clipboard

Published 20 hours ago verified publisher icon FriendsOfSymfony

"User must complete his informations" scenario, hard to override the authentication provider

Open benjamindulau opened this issue 13 years ago • 1 comments
trafficstars

Hi,

I'd like to open a discussion around making easier to handle the following (very) common scenario :

"The user connected successfully with FB but he MUST complete his informations (like his username)"

Typically, when the connection with FB is verified, the user is redirected on a page where he is invited to complete his informations.

I tried to implement such a thing, but in every case i can't get something working "perfectly".

Solution 1:

Check that the user object is valid in the user provider and if it's not, throw a custom exception like "UserIncompleteException". Then handle this properly in a custom AuthenticationSuccessHandler.

Not possible because in that case the token is not created but we need it in the controller that builds the next form.

Solution 2:

Check that the user object is valid in the user provider and if it's not, mark the user as incomplete. Then test this in a custom AuthenticationSuccessHandler, and redirect the user to the correct form.

It creates issues, because the FacebookUserToken is created and the user is always granted by "IS_AUTHENTICATED_FULLY" test. That should not happen.

Solution 3:

Implement a custom authentication provider overriding the current one to handle such a scenario.

For instance, by using a custom UserChecker class which would throw an exception when the user object is not valid. The provider could then handle that specific exception and create an IncompleteUserToken token extending the AnonymousUserToken class and return it. That way it would be really easy to handle the next steps because the token would exist but wouldn't be granted on "IS_AUTHENTICATED_FULLY" test.

I was happy with this solution until i saw that it's really difficult to change the injected provider class since it's constructed by the FacebookFactory.

So now, i'm stuck with that ;-)

So i propose, 1: to make easier for the developers to handle this scenario by adding native support of "Solution 3" , or 2: to make easier to extend the default authentication provider, or 3: to let you making a fool of me because i didn't saw the obvious solution before going complex ;-)

Cya, Benjamin.

benjamindulau avatar Jun 19 '12 13:06 benjamindulau

+1 - have also encountered this annoying scenario

lmcd avatar Oct 03 '12 04:10 lmcd