Rjm/remoteuser #42
Rjm/remoteuser #42
Conversation
| * to your project .env file to set the user netid. | ||
| * | ||
| */ | ||
| 'remote_user_variable' => env("REMOTE_USER_VARIABLE", "REMOTE_USER"), |
There was a problem hiding this comment.
I think this PR is a great idea. I just suggest to name it 'remote_user' instead of 'remote_user_variable'. I think 'remote_user_variable' is too long.
There was a problem hiding this comment.
I worried that it would be too confusing, but as long as people used env(config('starterkit.remote_user')) it would be ok. Thoughts, @woodseowl ?
There was a problem hiding this comment.
I think the long name is appropriate. remote_user as a name suggests to me that it is some kind of entity.
There was a problem hiding this comment.
I think '_variable' does not give any clue that it is local. Maybe 'remote_user_app' then?
Another question: do we need a separate "starterkit" config file? Would it be cleaner to use config/app.php. It is almost empty. We are using app.js and app.css for other application customizations.
There was a problem hiding this comment.
The value is the name of the environment variable used by the server (Apache module / PHP), so it really is a variable. We could call it remote_user_environment_variable to be most clear. I think that @woodsowl's idea of putting this in its own package with the middleware is a good one.
There was a problem hiding this comment.
Since this is in a package we don't have access to config/app.php. starterkit is the shortname of the package, so that is what the config fille is called. If we push this into it's own cu-auth package as Eric suggests, then it can go in cu-auth.php (or cuauth.php? I'm not sure what happens to the dash in the package template).
There was a problem hiding this comment.
I guess we all agree about location: config/cu-auth.php
|
Great to see this in a PR! I think that Looking at how we use that environment value in another project, I see a CUAuth middleware that picks it up and registers and/or logs in the user along with storing the user in the session. I presume that's all we are doing with this? What if we made a mini package called
The config file would be exactly what you have in this PR, but it would then be referenced as If we do that, would anything outside that package even need to know what |
|
I like using config/cu-auth.php for this specific setting. I still do not like using "_variable". I do not see any value in it. Also pls see my other comment about app config |
|
Putting this in it's own package with the middleware makes sense, but note that the .env file in the server instance is still going to need a key called REMOTE_USER_VARIABLE or REMOTE_USER_ENVIRONMENT_VARIABLE. |
what about REMOTE_USER_ENV? |
Isn't it that you set the default value in the config file and then |
|
|
The .env key is not necessary on local development, but would be used on M3 servers if the NetID is supplied in an environment variable other than REMOTE_USER. There are installation differences on the servers such that sometimes the NetID is in REDIRECT_REMOTE_USER, or something else. |
|
@woodsowl if a cu-auth package includes middleware, it is going to depend on a User model which contains a NetID field. Where do you see that being included? |
|
User model: It's in the base Laravel install, so all we need is a migration to add |
Description / context for this PR:
The remote user variable set by the Apache shibboleth module differs from instance to instance depending on
how PHP was installed. On some instances the variable is REMOTE_USER, on others it is REDIRECT_REMOTE_USER
or other variants. Instead of hardcoding this value, a configuration parameter remote_user_variable is used
to contain the variable name. This is defaulted to REMOTE_USER.
In project code, use env(config('starterkit.remote_user_variable')) to retrieve the netid.
To Review:
Set variables in the .env file
REMOTE_USER_VARIABLE=YOURVARIABLE
YOURVARIABLE=ewe2