Enable 'web' Auth Guard, Implement Authenticatable for 'Session' Model, Enable Feature + Unit Testing, and Upgrade to Laravel v10

[grahamsutton]

Overview

• Enabling the web auth guard
• Extending the Illuminate\Foundation\Auth\User (a.k.a Authenticatable) class for the Session model
• Enabling feature and unit testing
• Upgrading Laravel to version 10 (currently running version 8)

Type

• [x] Changes to existing features

Motivation

What inspired this feature request? What problems were you facing?

1. web Auth Guard Disabled: The web auth guard is currently disabled, which makes it impossible to access the currently authenticated session through standard Laravel methods such as $request->user(), Auth::user(), or auth(). This hinders developers' ability to work with the currently authenticated session seamlessly. I have figured out a way to make this work with Shopify sessions and middleware by implementing a custom ShopifyGuard.

2. Session Model Doesn't extend Illuminate\Foundation\Auth\User: This means that developers cannot use Laravel's built-in authentication features with the Session model, leading to limitations in feature testing and session authentication. This is needed in order to make the ShopifyGuard work.

3. Feature and Unit Testing Isn't Configured: Currently, there's no tests directory. This sets a bad precedent, as it communicates that either testing cannot be achieved with the project or it is not considerably important quality for a Shopify app. Well tested apps produce fewer bugs and translate to a better Shopify experience for all merchants and to the Shopify brand's image. I created the tests directory and corresponding TestCase.php and CreatesApplication.php classes that come with every fresh installation of Laravel. And now With Session extending Illuminate\Foundation\Auth\User, we can now do $this->actingAs($session) to run feature tests which was not possible before.

4. Outdated Laravel Version: The repository is still running Laravel version 8, which has reached its end of life and is no longer receiving bug and security fixes. Upgrading to Laravel version 10 is essential to ensure the security and stability of the application. I've done this as well.

I've already implemented the necessary code changes to address these issues and would like to contribute them to the repository.

However, I would like to welcome your feedback on this before doing so. Please let me know your thoughts. I believe these changes would be highly desired by the many Laravel developers like myself that enjoy using this project but wished it contained the many out-of-the-box features we've come to love and enjoy from Laravel.

Area

• [ ] Add any relevant Area: <area> labels to this issue

---

Checklist

• [x] I have described this feature request in a way that is actionable (if possible)

[cthom-dev]

@grahamsutton This would be a really good implementation, could we when using online access tokens implement user roles and permissions packages like Spatie laravel-permission??