Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feat: Disqus OAuth Provider #3526

Merged
merged 21 commits into from
Aug 9, 2022
Merged

Feat: Disqus OAuth Provider #3526

merged 21 commits into from
Aug 9, 2022

Conversation

2002Bishwajeet
Copy link
Contributor

What does this PR do?

Adds Disqus OAuth Provider

Test Plan

Manual Testing

Related PRs and Issues

#410

Have you read the Contributing Guidelines on issues?

Yes ✨

2002Bishwajeet
2002Bishwajeet commented Jul 8, 2022
View reviewed changes
.gitpod.yml Show resolved Hide resolved
src/Appwrite/Auth/OAuth2/Disqus.php Show resolved Hide resolved
src/Appwrite/Auth/OAuth2/Disqus.php Outdated Show resolved Hide resolved
src/Appwrite/Auth/OAuth2/Disqus.php Show resolved Hide resolved
@2002Bishwajeet
Copy link
Contributor Author

Now for some screenshots.

disqus in Oauth

appId and API key

image

image

image

image

@Meldiron
Copy link
Contributor

@2002Bishwajeet I answered all of your comments and left one new comment. Please address those. Then Ill jump into full code review.

By the way, amazing quality of a PR! 🤩

Meldiron
Meldiron requested changes Jul 11, 2022
View reviewed changes
src/Appwrite/Auth/OAuth2/Disqus.php Outdated Show resolved Hide resolved
src/Appwrite/Auth/OAuth2/Disqus.php Outdated Show resolved Hide resolved
src/Appwrite/Auth/OAuth2/Disqus.php Outdated Show resolved Hide resolved
@Meldiron
Copy link
Contributor

@2002Bishwajeet left code review, just a few small details. Overall looks good 👍 Once they are resolved, I can mark PR as approved.

Meldiron
Meldiron approved these changes Jul 11, 2022
View reviewed changes
Copy link
Contributor

@Meldiron Meldiron left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me 🥳 Let's please try to make one more account after doing all of these changes to make sure functionality is still untouched.

@Meldiron
Copy link
Contributor

Also please sync with master, looks like there is a conflict with composer.lock. It's a lock file, you can accept all incoming changes (I guess you didn't add any new libraries, nor used any new versions)

@2002Bishwajeet
Copy link
Contributor Author

I will test it again now

@2002Bishwajeet
Copy link
Contributor Author

Screenshots time 📸

image

image

@Meldiron
Copy link
Contributor

Hmm why is account marked as emailVerified=true? Is this something we do always? @TorstenDittmann probably

@2002Bishwajeet
Copy link
Contributor Author

any updates?

@stnguyen90
Copy link
Contributor

Hmm why is account marked as emailVerified=true? Is this something we do always? @TorstenDittmann probably

It's hardcoded to true now:

appwrite/app/controllers/api/account.php

Line 484 in e17ab5f

'emailVerification' => true,

but it wasn't before... @TorstenDittmann, do you remember why this change was made?

@TorstenDittmann
Copy link
Contributor

TorstenDittmann commented Jul 20, 2022
edited
Loading

Hmm why is account marked as emailVerified=true? Is this something we do always? @TorstenDittmann probably

It's hardcoded to true now:

appwrite/app/controllers/api/account.php

Line 484 in e17ab5f

'emailVerification' => true,

but it wasn't before... @TorstenDittmann, do you remember why this change was made?

There is a problem with OAuth2 Providers that don't need a verification for the E-Mail and allows you to potentially hijack an account.

Let's say you have an account registered in Appwrite with the e-mail [email protected], now someone else creates a Discord Account using [email protected] and lets say it doesn't need any verification for the E-Mail.

Then this other person can log in to the existing [email protected] account.

So this part reverts that change, since there is a lot of issues with the current implementation.

But it is the first stepstone in our OAuth2 Class to improve this in the future.

christyjacob4
christyjacob4 requested changes Aug 5, 2022
View reviewed changes
Copy link
Member

@christyjacob4 christyjacob4 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Awesome work!

Some minor comments.

  • Please reduce the image size from 200x200 to 100x100 as mentioned in the guidelines.

christyjacob4
christyjacob4 approved these changes Aug 9, 2022
View reviewed changes
Copy link
Member

@christyjacob4 christyjacob4 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good 👍

@christyjacob4 christyjacob4 merged commit dae148a into appwrite:master Aug 9, 2022
@2002Bishwajeet 2002Bishwajeet deleted the feat-disqus-Oauth-provider branch August 9, 2022 07:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Meldiron Meldiron Meldiron approved these changes

@christyjacob4 christyjacob4 christyjacob4 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@2002Bishwajeet @Meldiron @stnguyen90 @TorstenDittmann @christyjacob4