Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Logme login with token_auth is broken #9897

Closed
avkarenow opened this issue Mar 8, 2016 · 3 comments
Closed

Logme login with token_auth is broken #9897

avkarenow opened this issue Mar 8, 2016 · 3 comments
Labels
worksforme The issue cannot be reproduced and things work as intended.
Milestone
2.16.1

Comments

@avkarenow
Copy link
Contributor

Hello,

logme doesn't work with token_auth since 2.15.0 Piwik version.

I did a few tests with plugins/Login/Auth.php file:
URL: https://my_piwikl/index.php?module=Login&action=logme&login=my_login&password=my_md5
with this changes:

          if (!empty($this->hashedPassword)) { // favor authenticating by password
`+            echo "1\n";`
`+            echo $this->token_auth."\n";`
`+            echo $this->login."\n";`
`+            echo $this->getTokenAuthSecret()."\n";`
             return $this->authenticateWithPassword($this->login, $this->getTokenAuthSecret());
         } elseif (is_null($this->login)) {
`+            echo "2\n";`
             return $this->authenticateWithToken($this->token_auth);
         } elseif (!empty($this->login)) {
`+            echo "3\n";`
`+            echo $this->token_auth."\n";`
`+            echo $this->login."\n";`
`+            echo $this->getTokenAuthSecret()."\n";`
             return $this->authenticateWithTokenOrHashToken($this->token_auth, $this->login);

Result is:
3
anonymous
anonymous
1
anonymous
my_login
my_md5

So, code after 2.15.0 didn't use a authenticateWithTokenOrHashToken() to auth...
Next I changed function to use authenticateWithTokenOrHashToken():

@@ -50,7 +50,7 @@
     public function authenticate()
     {
         if (!empty($this->hashedPassword)) { // favor authenticating by password
`-            return $this->authenticateWithPassword($this->login, $this->getTokenAuthSecret());`
`+            return $this->authenticateWithTokenOrHashToken($this->getTokenAuthSecret(), $this->login);`
         } elseif (is_null($this->login)) {
             return $this->authenticateWithToken($this->token_auth);
         } elseif (!empty($this->login)) {

And now I can login using logme and token_auth again.
@quba
Copy link
Contributor

quba commented Mar 8, 2016

It doesn't work for superuser account. Maybe that's the reason? It's so by design.

@avkarenow
Copy link
Contributor Author

It's normal user account, not superuser.

@tsteur
Copy link
Member

tsteur commented Mar 8, 2016

I tried to reproduce with 2.16.0 but couldn't. Works fine for me. Likely it was fixed recently, can you update to latest Piwik version?

@tsteur tsteur closed this as completed Mar 8, 2016
@tsteur tsteur added the worksforme The issue cannot be reproduced and things work as intended. label Mar 8, 2016
@tsteur tsteur added this to the 2.16.1 milestone Mar 8, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
worksforme The issue cannot be reproduced and things work as intended.
Projects
None yet
Milestone
2.16.1
Development

No branches or pull requests
3 participants
@tsteur @quba @avkarenow