Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Create a custom session handler #1

Open
themightychris opened this issue Jan 7, 2016 · 1 comment
Open

Create a custom session handler #1

themightychris opened this issue Jan 7, 2016 · 1 comment

Comments

@themightychris
Copy link
Contributor

Plug a custom session handle to emergence that takes advantage of spark-fe's authentication to skip doing any database lookups
@jmealo
Copy link
Contributor

jmealo commented Jan 7, 2016

@themightychris let's coordinate on this, I'd like PHP to be able to emit NATS messages to all of a user's sessions, or just the current session. Once we've done this we should be able to handle logouts and multiple tabs much more gracefully as well as unified logging.

We should also go over the fields I'm providing and making sure those fit your needs/vision for this as now would be the time to firm that up.

Here's an example of the incoming headers to the API.

{
    "host": "sandbox-school.matchbooklearning.com",
    "x-forwarded-proto": "https",
    "x-real-ip": "73.188.175.202",
    "x-forwarded-for": "73.188.175.202",
    "cache-control": "max-age=0",
    "accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8",
    "upgrade-insecure-requests": "1",
    "user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.106 Safari/537.36",
    "accept-encoding": "gzip, deflate, sdch",
    "accept-language": "en-US,en;q=0.8",
    "cookie": "sandbox-school-s=d4b0fdc4f0c90ba781e2bd672ec126b1",
    "x-nginx-session": "{\"username\":\"ccross\",\"groupHandles\":\"north\",\"lastName\":\"Cross\",\"firstName\":\"Clarisa\",\"email\":\"[email protected]\",\"userId\":7,\"accountLevel\":\"Student\"}",
    "x-nginx-mysql-schema": "sandbox-school",
    "x-nginx-mysql-host": "10.128.109.167",
    "x-nginx-request-id": "lhI6p0wqhMe9MS7v"
  }

The session information is sent as x-nginx-session.

The concept here being to prevent spoofing, we strip any x-nginx-* headers coming into NGINX.

{
   "username":"ccross",
   "groupHandles":"north",
   "lastName":"Cross",
   "firstName":"Clarisa",
   "email":"[email protected]",
   "userId":7,
   "accountLevel":"Student"
}

_I've been dying to get anonymous/trusted (without an Emergence session) auth working so we can do health checks and intra-server communication, so that work should be tied in with supporting anonymous sessions. There's Lua code to do OAuth, but I'm thinking JWT would be more appropriate for what we want to do._

themightychris pushed a commit that referenced this issue Mar 14, 2020
@jmealo
Merge pull request #1 from JarvusInnovations/develop
5a1573e 
Version v0.9.0 Release
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@themightychris @jmealo