search

DirectoryTree / Bartender

An opinionated way to authenticate users using Laravel Socialite.
MIT License
254 stars 9 forks source link

Session should generate on login #2

Closed nick-potts closed 7 months ago

nick-potts commented 7 months ago

fixes #1

stevebauman commented 7 months ago

Hi @nick-potts, why is this necessary? Isn't this already done via Auth::login()?

https://github.com/laravel/framework/blob/b9e4c7a27f30f05a87563f82b4917c544f8eb1bd/src/Illuminate/Auth/SessionGuard.php#L516-L525

https://github.com/laravel/framework/blob/b9e4c7a27f30f05a87563f82b4917c544f8eb1bd/src/Illuminate/Auth/SessionGuard.php#L544-L555

https://github.com/laravel/framework/blob/b9e4c7a27f30f05a87563f82b4917c544f8eb1bd/src/Illuminate/Session/Store.php#L596-L613

I've never had to do this in any Laravel app previously

stevebauman commented 7 months ago

Confirmed that this isn't needed as Laravel already handles this under the hood.

nick-potts commented 7 months ago

Laravel does the session automatically, but not the CSRF token - which is covered by this.

Not a huge issue, but laravel does recommend it in the docs: https://laravel.com/docs/11.x/authentication#authenticating-users

stevebauman commented 7 months ago

Thanks for the link @nick-potts! News to me, had no idea, appreciate the PR 🙏