wordpress-playground icon indicating copy to clipboard operation
wordpress-playground copied to clipboard

Published 20 hours ago verified publisher icon WordPress

Add cookie strategy configuration to PHP request handler

Open fluiddot opened this issue 1 year ago • 3 comments

Motivation for the change, related issues

Related issue from the Studio app: https://github.com/Automattic/studio/issues/387

Currently, cookies are persisted internally in the PHP request handler (reference). This ensures that cookies are not lost between requests when using Playground in environments that lack cookie management, like when embedding it in an IFrame.

However, when Playground is served via a server (e.g. running Playground CLI), this behavior implies that all accesses to the site will use the same cookies. For instance, if I log in to the site and then navigate to WP-Admin in incognito mode, it doesn't redirect to the login page because it's already authenticated. The same results are obtained when navigating using a different browser. This also entails the limitation of not being able to log in with different users on the site.

In this scenario, we don't need to persist cookies internally as they will be managed by the browser.

Implementation details

  • A new option has been added to the configuration (cookiesStrategy) to the PHP requests handler that allows controlling whether the cookies will persist internally or not. The option is optional and will fall back to using the internal cookie store.
  • The boot function of Playground CLI has been updated to ensure it avoids persisting cookies.
  • Since the auto-login will no longer work for Playground CLI, an alternative has been implemented that uses a query parameter to perform the auto-login.

Testing Instructions (or ideally a Blueprint)

Web

  • Run the command npm run dev.
  • Navigate to the website server (e.g. http://127.0.0.1:5400/website-server/).
  • Observe the site loads successfully.
  • Navigate to the WP-Admin.
  • Observe WP-Admin loads successfully.

CLI

  • Run the command nx dev playground-cli server.
  • Navigate to the site (e.g. http://127.0.0.1:9400).
  • Observe the site loads successfully.
  • Navigate to the WP-Admin dashboard (http://127.0.0.1:9400/wp-admin).
  • Observe it redirects to the login page.

CLI (Auto-login)

  • Run the command nx dev playground-cli server --login.
  • Observe that options to auto-login are logged in the terminal.
  • Navigate to the site (e.g. http://127.0.0.1:9400/wp-admin/?playground-auto-login=true).
  • Observe it auto-logins to the WP-Admin dashboard.
  • Navigate to other pages.
  • Observe that the user is still logged.
Captura de pantalla 2024-09-11 a las 18 18 57

fluiddot avatar Sep 11 '24 16:09 fluiddot