andersevenrud
commented
2 years ago Hm. There's no way to configure this or anything like that.
Could you give an example of what you're trying to achieve here ?
Closed maryam4s26 closed 2 years ago
andersevenrud
commented
2 years ago Hm. There's no way to configure this or anything like that.
Could you give an example of what you're trying to achieve here ?
mahsashadi
commented
2 years ago Indeed we have an AUTH service-provider.
Beside that we have a TEST application.
In destroy function of TEST application, we need to call one of AUTH SP methods for the purpose of token revoking.
It seems AUTH SP is destroyed before destroy of application!
andersevenrud
commented
2 years ago Service Providers are destroyed in a non-specified order (parallel async). And the Package Service Provider is what kills the applications.
So there's not really much you can do about that, I think.
Since you have your own Auth SP, can't the tokens be stored there so that you can just use the SP destroy as usual ?
andersevenrud
commented
2 years ago Closing due to inactivity.
Feel free to re-open if you wanna continue discussion.
mahsashadi
commented
1 year ago Sorry to re-open.
we have two kind of users 1- usual users which needs their token be revoked when they logged out. 2- admin users which their token is get when osjs server starts, and it is expected to be revoked when osjs servers destroyed (we are re-newing token during up time according to expire time)
In current implementation, for usual users we have sent token to client (maybe not a secure idea), so we have token at the time of logging out and therefore revoking..... but for admin users, if SP wants to revoke it itself, we do not have tokens.
So having this assumptions, what is your suggestion to handle both users? As you suggest, by keeping tokens in SP, you mean something like below?
let tokens = [
{username: 'usual_user_1',
password: 'pass1',
token:'token_1'
},
{username: 'usual_user_2',
password: 'pass2',
token:'token_2'
},
{username: 'service_1_admin_user',
password: 'service_1_admin_pass',
token:'service_1_token'
},
{username: 'service_2_admin_user',
password: 'service_2_admin_pass',
token:'service_2_token'
}
];
async revokeToken(token) {
...
}
maryam4s26
commented
1 year ago @andersevenrud
andersevenrud
commented
1 year ago I was thinking something like this:
class TheServiceProvider {
async destroy() {
await this.revokeTokens()
}
async revokeTokens() {}
async revokeToken(token) {}
}
class AuthAdapter {
async logout(req, res) {
const token = '' // Is this attached to session ?
await this.core.make('the-service-provider').revokeToken(token)
}
}@andersevenrud As you said yourself : "Service Providers are destroyed in a non-specified order (parallel async). And the Package Service Provider is what kills the applications." So, in order to be able to revoke admin users token when the OSjs down, is it the right thing to store their tokens in a variable in the service provider?
andersevenrud
commented
1 year ago So, in order to be able to revoke admin users token when the OSjs down, is it the right thing to store their tokens in a variable in the service provider?
You can store them wherever you want, but the "correct" place to place the token mechanisms etc. is in the Service Provider.
When the server shuts down, the destroy() method on your service is called, which is async. You can perform any action you need here.
Hello I want to use one of the service providers when osjs is shutting down in one of the applications using the destroy function and do something, but before doing this and calling the application's destroy, the service provider's destroy is called and the service provider is no longer available.