Message of the day:
Welcome. Latest release: https://www.silverstripe.org/download Community Forum: https://forum.silverstripe.org Features: https://forum.silverstripe.org/c/feature-ideas Archive: https://slackarchive.silverstripe.org
If you have any SilverStripe related questions, please supply the version of Framework you're using.
Did you flush? 🚽 =
Archive temporarily at https://archive.codingplayground.nl (redirect)
make Security final, and keep bits private
does PHP have the concept of final classes (ones that can't be inherited from)?
No it's not, it's a thorn in every bit of my body! 😛
A better solution would be, to go through the ID Store properly, but with 2 days to go, that just wasn't an option (especially since those two days were a weekend off for me)
It is a nice shortcut though 😉
Security now only gets to keep the information as well as the identity store. And thats unfortunate
So the actual flow is still the same....
The reason I accepted it, is because basically, the middleware does the authentication and sets the identitystore, and then tells Security which user it has just logged in.
It is not "fine", it's a shortcut taken due to time limitations