Closed mhdatie closed 7 years ago
Update
It is now possible to add multiple accounts but with some apparent issues:
Commits coming in shortly
For point #two:
Account switching works, but the token stored in the database manager is of the previous user. Therefore, the API calls are performed using the previous user's token, but the session was updated with the selected user (expected behavior).
A possible default behavior is to load the token from the User
RealmObject since every User
holds a Token
RealmObject. However, this is is up for debate since the Application OAuth
behavior is unknown yet. I personally don't like how the token is currently being stored in the DatabaseManager
as an attribute.
Update on issues:
For the crash part, there were missing null checks since the authenticator in the service catches unauthorized access to the Reddit API but by the time the call is made, the session object is null and causes a NPE. Adding a null check caused the authenticator to fire up the AuthActivity
Latest commit implements app-only grant:
https://github.com/reddit/reddit/wiki/OAuth2#application-only-oauth
However, there is still an unknown behavior when a new user is added:
Updates:
AuthActivity
to create the Guest User with the Application-Only GrantUSER_AUTH
)USER_AUTH
/subreddits/default
endpoint
SubscriptionActivity
doesn't use /subreddits/default
and still expects a valid Reddit User (todo). The refresh button forces a network call and updates the database accordingly.All in all, the Guest User is a regular user in the local storage and is distinguished with the USER_GUEST
via the User's getUserType()
method.
Todo also:
USER_GUEST
USER_GUEST
) or (hide remove button from USER_GUEST
and show all users)USER_GUEST
userLatest commit implements revoking the access token in case the user logs out (which switches to the Guest user after) or when selecting another user. Deleting a user is yet to be implemented.
Access tokens expire in an hour, so when the Guest's user token expires, a new one should be requested as there is no refresh token for Application-OAuth. This commit updates the Auth presenter to check whether the current user is the USER_GUEST
and only updates the token info. Otherwise, it creates a new Guest user.
Todo:
USER_GUEST
USER_GUEST
) or (hide remove button from USER_GUEST
and show all users)USER_GUEST
userMainActivity
from OnActivityResult()
does not load the user list in the Navigation Drawer.Fixes in the latest commit (needs testing):
RealmObject
after removing it so I had to do the call synchronously on the main thread.onActivityResult
. The issue was with the CompositeSubscription
being unsubscribed in onPause
instead of onDestroy
so the call was discontinuing. Todo:
USER_GUEST
the call doesn't return anything. This has to change to match the logic in the HomePresenter
which loads the initial HomeView
(including the subscriptions).USER_GUEST
. Notify the user to log in to perform that action. Make this change in one place which affect all actions across view listeners.The only thing remaining from what I know is the following:
Todo:
Find a way to detect whether an action that requires an API call to an User-OAuth endpoint is prevented by a user of type USER_GUEST
. Notify the user to log in to perform that action. Make this change in one place which affect all actions across view listeners.
The latest commit is interesting.
RedditModule
provides a proxy interface of class RedditClientInterface
instead of RedditClient
RedditClient
extends and uses some of the methods from RedditService
, and since the module interacts with an interface, I had to create an interface (RedditServiceInterface
) and let RedditClientInterface
extend it so that it utilize it's methods as a proxy.
The proxy has a handler that we pass the original RedditClient
object to. If checks on whether this service call is valid, it invokes the method on the original. If not, then it must make use of a NullInterface under the 'Null Object Pattern' for better null
handling.
The service call is valid if and only if the annotation on the service call matches the token holder (AUTH_USER vs GUEST_USER vs BOTH).
The reason behind this change is to control access to the application service call before performing any provider calls which require a connection. This leaves the provider interceptor to deal with unauthorized or invalid access token only and not access at the application level.
Next todo:
Null Object Pattern
and pass it to the handler.@Redgram/redributors I will merge into dev. Testing the changes would be really appreciated.
closing this
The following tasks are required for this ticket: