Log in using GitHub #680
Log in using GitHub #680
Conversation
| @@ -65,7 +65,6 @@ LEMON_SQUEEZY_PATH= | |||
| GITHUB_PERSONAL_ACCESS_TOKEN= | |||
| GITHUB_CLIENT_ID= | |||
| GITHUB_CLIENT_SECRET= | |||
| GITHUB_REDIRECT_URI= | |||
There was a problem hiding this comment.
Given that there are now two different callbacks, the redirect URL is not loaded from the config, it is set up dynamically in each of the redirecting endpoints
| /** | ||
| * Handles the GitHub login redirect. | ||
| */ | ||
| public function index(): RedirectResponse |
There was a problem hiding this comment.
This is the endpoint called from the "Log in using github" in the login page, it redirects you to GitHub's authentication page, setting the right callback url
|
|
||
| $user = User::where('email', $githubUser->getEmail())->first(); | ||
| if (! $user instanceof User) { | ||
| session([ |
There was a problem hiding this comment.
If there is no user with the email sent back by GitHub, we redirect the user to the "register" page, and we save in the session the github email and the username so that they can be used in that page
| return to_route('register'); | ||
| } | ||
| if ($user->github_username === null) { | ||
| $errors = $github->linkGitHubUser($githubUser->getNickname(), $user, $request); |
There was a problem hiding this comment.
If the user with the GitHub email is not yet linked to this GitHub account, we try to link it
| if ($user->github_username === null) { | ||
| $errors = $github->linkGitHubUser($githubUser->getNickname(), $user, $request); | ||
|
|
||
| if ($errors !== []) { |
There was a problem hiding this comment.
This error will only happen in a very unusual situation: if there is already a user linked to this GitHub account but the email in the Pinkary account does not match the email in the GitHub account. In this case we cannot link the user or log them in, so we redirect back to login with an error
| @@ -61,11 +72,12 @@ class="mt-2" | |||
| /> | |||
| <x-text-input | |||
| id="email" | |||
| class="mt-1 block w-full" | |||
| class="mt-1 block w-full {{ $githubEmail !== null ? 'text-slate-500' : '' }}" | |||
There was a problem hiding this comment.
If we received the email from GitHub we mark it as readonly and with a lighter colour
| @@ -162,6 +174,15 @@ class="mt-2" | |||
| /> | |||
| @endif | |||
|
|
|||
| @if ($githubUsername) | |||
| <x-text-input | |||
There was a problem hiding this comment.
We add a hidden field to be able to send back the GitHub username back to the registration controller
| @@ -47,6 +48,15 @@ | |||
| ->middleware('throttle:two-factor'); | |||
| }); | |||
|
|
|||
| Route::prefix('/profile/connect/github')->group(function () { | |||
There was a problem hiding this comment.
The new routes for the GitHub login. They don't need authorization
| @@ -17,4 +17,5 @@ | |||
|
|
|||
| $response->assertStatus(302); | |||
| $response->assertRedirectContains('https://github.com/login/oauth/authorize'); | |||
| $response->assertRedirectContains('update'); | |||
There was a problem hiding this comment.
We test that both callback URLs are different
| ], absolute: false)); | ||
|
|
||
| expect($user->email_verified_at)->toBeNull(); |
There was a problem hiding this comment.
If you register normally, your email won't be verified
carlos-granados
force-pushed
the
github-login
branch
from
5a72056
to
b74957a
Compare
|
@nunomaduro any interest on this? Just wondering if I need to keep it updated. Thanks!! |
Given that users can connect their GitHub account to their Pinkary account, this PR allows them to log in using their GitHub account. We show a new "log in using GitHub" link in the login page.
NOTE: Given that when setting up the application in GitHub you cannot list more than one callback URL and given that now we need to redirect the GitHub login to two different endpoints depending on whether you are logged in or not, we need to modify the URL listed in the application to only list the prefix that is common to both URLs, because GitHub will accept any callback URL that matches the prefix listed in the app definition. So instead of listing the callback URL as :
https://pinkary.com/profile/connect/github/updateIt needs to be listed as:
https://pinkary.com/profile/connect/githubThis will also accept the new URL:
https://pinkary.com/profile/connect/github/login/callbackThis change can be done in advance, before deploying this new version and it will continue to work with the old version
NOTE: My experience with Laravel is quite limited. I have tried to follow the same principles and architecture as in the existing code but there may be cases where things could have been done in a better way. If that is the case, let me know and I will update the code
See the PR comments for more info