add method to query all user auth tokens #24686
Conversation
| ->where($qb->expr()->eq('uid', $qb->createParameter('uid'))) | ||
| ->setParameter('uid', $user->getUID()) | ||
| ->execute() | ||
| ->fetchAll(); |
There was a problem hiding this comment.
please dont chain everything.
execute() returns a different object, so please use a new variable.
also you should closeCursor() on that new object.
|
What happens if a user has thousands of devices? does it make sense to limit the return? |
Are you talking about simply not showing more than X entries or pagination? As discussed with @PVince81 yesterday, we think pagination won´t be needed here assuming users won't have 20k connected clients. |
ChristophWurst
force-pushed
the
query-user-authtokens
branch
from
96c5094
to
e88ad56
Compare
|
Hard limit, this is only about an abuse case, but we want to make sure, that an abuser can still be listed and dealt with. |
|
@nickvergessen what kind of abuse are you talking about? Someone creating a large number of tokens? |
ChristophWurst
force-pushed
the
query-user-authtokens
branch
from
e88ad56
to
326683b
Compare
| @@ -83,4 +84,28 @@ public function getToken($token) { | |||
| return DefaultToken::fromRow($data); | |||
| } | |||
|
|
|||
| /** | |||
| * Get all token of a user | |||
There was a problem hiding this comment.
does not match interface
There was a problem hiding this comment.
which interface?
There was a problem hiding this comment.
its missing the warning
* The provider may limit the number of result rows in case of an abuse
* where a high number of (session) tokens is generated
If you don't want to repeat yourself, use
/**
* {@inheritdoc}
*/
There was a problem hiding this comment.
Please check again, there is no interface the mapper implements. DefaultTokenProvider implements IProvider and has the right doc block 😉
There was a problem hiding this comment.
Ah, I ment lib/private/Authentication/Token/DefaultTokenProvider.php well then copy the doc lines from there.
ChristophWurst
force-pushed
the
query-user-authtokens
branch
3 times, most recently
from
ec0dd9c
to
2572192
Compare
|
Looks good now 👍 |
|
Looks really good 👍 |
ChristophWurst
force-pushed
the
query-user-authtokens
branch
from
2572192
to
946d330
Compare
|
Come on, Jenkins. 4 hours and still no results ? @ChristophWurst mind rebasing and repushing to kick his butt ? |
ChristophWurst
force-pushed
the
query-user-authtokens
branch
from
946d330
to
0626578
Compare
kicked |
|
This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs. |
required for #24675 and the personal settings page PR I'm working on
@MorrisJobke @PVince81 @nickvergessen @rullzer