Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix login remember me with google authentication #740

Open
wants to merge 3 commits into
base: master
Choose a base branch
from

Conversation

arcmovex
Copy link

I fixed the bug when I'm using google authenticator, the remember me cookie is not working thus the user session will be revoke even if the remember me is checked.

I used session based solution to pass the value without appearing in the url param.

Thanks.

@rochamarcelo rochamarcelo self-requested a review January 17, 2019 13:19
// for after login event auth
$hasRememberMe = $this->request->getSession()->read('hasRememberMe');
if ($hasRememberMe) {
$this->request->data(Configure::read('Users.RememberMe.Cookie.name'), $hasRememberMe);
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please add a unit test for this

@@ -288,6 +288,14 @@ public function verify()

$user['secret_verified'] = true;
}

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.


// Push the remember me value to post data
// for after login event auth
$hasRememberMe = $this->request->getSession()->read('hasRememberMe');
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please use a namespace key like Users.hasRememberMe

$hasRememberMe = $this->request->getSession()->read('hasRememberMe');
if ($hasRememberMe) {
$this->request->data(Configure::read('Users.RememberMe.Cookie.name'), $hasRememberMe);
$this->request->getSession()->delete('hasRememberMe');
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please use a namespace key like Users.hasRememberMe

// store the remember me value from login into session temporarily
// to pass the value to verify action
if (Configure::read('Users.RememberMe.active')) {
$this->request->getSession()->write('hasRememberMe', $this->request->getData(Configure::read('Users.RememberMe.Cookie.name')));
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please add an unit test for this

@Ali1
Copy link
Contributor

Ali1 commented Apr 6, 2019

Will do in a month

@steinkel steinkel added this to the 9.1.0 milestone Aug 11, 2020
@steinkel steinkel modified the milestones: 9.1.0, 10.0.0 Aug 24, 2020
@steinkel steinkel removed this from the 10.0.0 milestone Feb 1, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants