Logging in and remembering work suspiciously
I tried to run this code:
```php
use \Psecio\Gatekeeper\Gatekeeper;
Gatekeeper::disableThrottle();
$r = Gatekeeper::authenticate(array('username' => 'blah', 'password' => 'meh'), true);
echo '<pre>';
var_dump($r, Gatekeeper::checkRememberMe());
echo '</pre>';
```
which gave me true, false.
Umm, that means that user is authenticated successfully but not.
I tried to investigate and inside `Gatekeeper::authenticate()` found this line:
```php
if (self::$throttleStatus === true && $result === true) {
```
Which, if I understood correctly, means that "remember me" works only when throttling is enabled... eh...
Looks like if I remove `self::$throttleStatus === true` remembering does work - but recalling still doesn't.
Digging further inside `RememberMe::setup()` I found this:
```php
if ($userToken->id !== null || $this->isExpired($userToken)) {
    return false;
}
```
The `$userToken->id !== null` condition triggers and `false` is returned.
I don't understand this logic and cannot suggest anything more. I don't think it works as intended, though... are these bugs?
Sounds like it, yes... I'd have to spend some time tracking back through them to be sure, though.