Logging in on sites with basic http auth impossible

[petarbasic]

The issue appeared after upgrading from 3.4.1 to 4.1. Function for logging in a user does a fast logout - which resets the session and removes all the headers set. This practically makes this step (I am logged in as a user with the "example" role) unusable with sites that have basic auth setup.

Our workaround is not a change to drupal-extension itself, but an addition to the Mink Session where we adapted it to apply basic auth after each session starts & reset. another way to go could be to somehow acquire credentials and set the basic auth after fast logout, or remember the Authorization header and re-add it after logout (but getting headers is not supported by session/drivers).

Suggestions, remarks & explanations are welcome!

[pfrenssen]

This is a very interesting case. Maybe a quick solution could be to set the basic auth credentials in the mink base URL? e.g. http://user:pass@my-environment.

You can also override the DrupalAuthenticationManager class and extend the ::login() method to adapt it to your use case. It is probably enough to simply remove this line that does a fast logout. We are resetting the session in Mink, I'm guessing this is what causes the credentials to be reset. You would have to handle relogging with one additional step though to ensure the previous user is logged out manually when logging in a new user.

But I think your suggestion to handle this in the Mink session is probably the best approach. Basic auth is not handled by Drupal but by the webserver (Apache or Nginx), so this is something that is ideally handled inside Mink.

[Berdir]

The also causes problems for other things, like the big pipe cookie, currently we check that inside an @AfterStep and add it back if necessary.

[fago]

as discussed at https://github.com/minkphp/Mink/issues/810 this is best fixed here