Freshrss: Login user automatically after creation
When a user creates a new account, he's redirected to the login page.
It's expected to be logged in at the same time and to be redirected to the main interface.
A solution would be to change app/Controllers/userController.php, createAction method with something like that line 232:
Minz_Session::_param('currentUser', $username);
Minz_Session::_param('passwordHash', $password_hash);
FreshRSS_Auth::giveAccess();
What do you think?
marienfressinaud
All 11 comments
I had almost forgotten that FreshRSS has the possibility for users to create accounts themselves, if the admin allows it :-)
I can see advantages with both approaches, so I do not really mind.
Probably should only be executed is $ok === true. And of course, $password_hash should be computed.
@marienfressinaud You are welcome to make a little PR; it's been a while ;-)
Related notes:
- Maybe we should re-introduce the e-mail field (e.g. for password recovery)
- Maybe we could have GDPR guidelines for people in EU hosting several users. There is already a number of measures in FreshRSS to avoid leaking too much what what users reads what.
Alkarex
on 9 Jun 2018
Sure, I can work on this!
I may open more tickets in next few days, I conducted a test with two users, in collaboration with a UX designer and I had a lot of feedback :) I still have to analyze a bit the results to avoid to open too much tickets.
marienfressinaud
on 11 Jun 2018
Ah yes, probably https://social.tcit.fr/@Gavy/100169683750698495
Many PRs are not a problem ;-)
Alkarex
on 11 Jun 2018
Indeed :)
marienfressinaud
on 11 Jun 2018
I started to work on this tonight but I'm facing a strange behaviour, maybe you'll have an idea of what's going on.
I added the lines that I thought would work (didn't forget to hash the plain password) but it looked like it wasn't working. I added logs to understand and it seems that currentUser doesn't change :/
The patch: https://github.com/FreshRSS/FreshRSS/compare/dev...marienfressinaud:1928-login-user-automatically-after-creation
Result:
[Mon, 11 Jun 2018 21:10:37 +0000] [error] --- key=currentUser
[Mon, 11 Jun 2018 21:10:37 +0000] [error] --- value=Marien
[Mon, 11 Jun 2018 21:10:37 +0000] [error] --- session=demo
Note that demo is my default user.
marienfressinaud
on 11 Jun 2018
Are you actually entering the $ok block?
Alkarex
on 11 Jun 2018
I do! But I realized this morning that probably the logs appear in the file of the other user then! I'll try by forcing to write in a specific file tonight
marienfressinaud
on 12 Jun 2018
Ok, this is it: the rest of the logs appear in another file. The problem is that currentUser seems to be reset to demo value somewhere. Still investigating!
marienfressinaud
on 12 Jun 2018
It took me some time to understand that hashPassword returns a different hash at each call :upside_down_face: It should work now!
marienfressinaud
on 17 Jun 2018
Btw, the auth system is really hard to understand (and yes, I know it is me that developed it :D)
marienfressinaud
on 17 Jun 2018
Implemented in https://github.com/FreshRSS/FreshRSS/pull/1941
Alkarex
on 18 Jun 2018
Related issues
mbnoimi
路
4Comments
Aasemoon
路
6Comments
Alkarex
路
5Comments
eminphi
路
5Comments
uncovery
路
4Comments