Adds command to list user sessions #24675
Conversation
|
By analyzing the blame information on this pull request, we identified @ChristophWurst, @nickvergessen and @schiesbn to be potential reviewers |
| * @param string $uid | ||
| * @return DefaultToken[] | ||
| */ | ||
| public function getTokenByUser($uid) { |
There was a problem hiding this comment.
I'm open for naming suggestions :)
|
Note that currently multiple |
| * @return IToken[] | ||
| * @since 9.1 | ||
| */ | ||
| public function getTokenByUser($uid); |
There was a problem hiding this comment.
How about passing an IUser object for greater flexibility?
|
Since on master we're querying multiple providers, while this PR assumes there is only one, #24677 is required for this PR to work correctly. |
|
How about also showing the token type (browser/client)? |
| @@ -127,6 +127,7 @@ | |||
| $application->add(new OC\Core\Command\User\LastSeen(\OC::$server->getUserManager())); | |||
| $application->add(new OC\Core\Command\User\Report(\OC::$server->getUserManager())); | |||
| $application->add(new OC\Core\Command\User\ResetPassword(\OC::$server->getUserManager())); | |||
| $application->add(new OC\Core\Command\User\Sessions(\OC::$server->query('OC\Authentication\Token\DefaultTokenProvider'))); | |||
There was a problem hiding this comment.
I'd prefer to query the interface here, so we can easily swap the implementation.
There was a problem hiding this comment.
Add a get method to the server container, querying an interface is a good base idea, but not the final solution.
Basically query() should be used internally only.
There was a problem hiding this comment.
Add a get method to the server container, querying an interface is a good base idea, but not the final solution.
Basically query() should be used internally only.
It is the interim solution until the auto injection also works in core ;)
There was a problem hiding this comment.
I added the server method in my PR: https://github.com/owncloud/core/pull/24703/files#diff-0a830b0354b26e84f08f705b5356a05bR842
There was a problem hiding this comment.
Well the problem is, with the class name being used it can not be replaced. It should use the interface and the interface should be a service using a factory, to allow "swapping" with a different provider.
Basically something like https://github.com/owncloud/core/blob/master/lib/private/Server.php#L160-L172 but with the public interface as service name for the auto-injection
Why if I start a session from a iOS oC app, the command shows two active sessions of a user? |
|
@davitol that might be a bug. We had to add a little hack that creates session tokens for DAV clients, which can cause multiple session tokens being created if the client does not use cookies. |
MorrisJobke
force-pushed
the
command-to-list-user-sessions
branch
from
1c1e1f6
to
3dfc75d
Compare
| @@ -223,6 +223,7 @@ public function __construct($webRoot, \OC\Config $config) { | |||
| $timeFactory = new TimeFactory(); | |||
| return new \OC\Authentication\Token\DefaultTokenProvider($mapper, $crypto, $config, $logger, $timeFactory); | |||
| }); | |||
| $this->registerAlias('OC\Authentication\Token\IProvider', 'OC\Authentication\Token\DefaultTokenProvider'); | |||
There was a problem hiding this comment.
@nickvergessen This is the interface thingy you requested - cc @ChristophWurst
MorrisJobke
force-pushed
the
command-to-list-user-sessions
branch
from
3dfc75d
to
904d50c
Compare
|
I rebased this on top of #24686 - this now uses the proposed methods from @ChristophWurst PR :) @nickvergessen @ChristophWurst Please re-review |
|
This is the stuff, that is added here: 904d50c |
|
👍 very nice |
| $user = $this->userManager->get($uid); | ||
| if(is_null($user)) { | ||
| $output->writeln('<error>User "' . $uid . '" does not exist</error>'); | ||
| return; |
There was a problem hiding this comment.
Error means return != 0 ? 😉
|
please rebase |
|
@ChristophWurst Feel free to take over |
|
We're past feature freeze, moving to 9.2. CC @cmonteroluque @MTRichards |
|
nod |
Is this hack still necessary respectively can that be fixed that a DAV client produces only one session entry? Reason: querying table authtoken for statistical or access purposes via occ user command (see also referenced issue #25708) |
AFAIK that is more or less impossible. Clients can be stateless, hence there's nothing that identifies/groups a set of related requests. |
* extends public interface IToken to expose name and lastActivity * extends public interface Provider to expose tokens by user * add command to list sessions per user
DeepDiver1975
force-pushed
the
command-to-list-user-sessions
branch
from
5a0f1a7
to
5d5d017
Compare
|
@PhilippSchaffrath FYI |
|
@pmaier1 not sure if you have a concept in regards to session / token management completeness. I think the purpose was for an admin to be able to list all user sessions (or search by a user) and then be able to terminate such sessions with another OCC command. Moving to backlog until we can find time to finalize this |
|
This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs. |
extends public interface Provider to expose tokens by usersee add method to query all user auth tokens #24686cc @LukasReschke @PVince81 @DeepDiver1975 @ChristophWurst @nickvergessen