Defect #18148
openhook controller_account_success_authentication_after not called with auth_sources
0%
Description
If users are registered by an auth_sources
See Alternativecustom_authentication_HowTo
the hook is not used.
:controller_account_success_authentication_after
source:trunk/app/controllers/account_controller.rb#L258
is it the expected behavior?
Files
Updated by Jean-Philippe Lang about 10 years ago
- Status changed from New to Needs feedback
It should be called when a successfull password authentication occurs. Can you give more details about your problem or a patch that shows a possible fix ?
Updated by Sylvain V about 10 years ago
I will double check the methods traversed by the onthe_fly creation process. But I think at register time, the path in the code doesn't use the hook. I had to modify the account controller directly. I'm gonna isolate the behavior and post a use case and/or a patch.
I had modified the registration to setup new user in a Group / Role / Project at creation time.
Updated by Sylvain V about 10 years ago
- File redmine_register.png redmine_register.png added
OK. I think I got the trick.
Here what I've done:
I added an custom AuthSource. See ticket description.
source at: source:branches/2.5-stable/
So the process:
- /login app/controllers/account_controller.rb will call: def password_authentication
- which call app/models/user.rb def self.try_to_login
- which call app/models/auth_source.rb AuthSource.authenticate(login, password)
- which call in loop AuthSources referenced in database with :onthefly_register => true
- returning an attrs Hash, fetching some user info, email, firstName, lastName, if any
- as those fields are required a register form will appear if something is missing
- app/controllers/account_controller.rb def register
- if the user enter valid information here, he will be registered
- issuing a redirect_to my_account_path
So app/controllers/account_controller.rb def successful_authentication is never called in this scheme. Nor call_hook(:controller_account_success_authentication_after, {:user => user })
As data fetched from my AuthSource is legacy data, I used this behavior above by forcing register to appear by setting a custom required boolean on user. (Confirm)
Updated by Jean-Philippe Lang about 10 years ago
Thank you for this detailed explanation. I'd say it's the expected behaviour and I'm not in favor of changing this for compatibility reasons since existing hooks may not expect an unsaved user. Maybe we can add a specific hook, can you tell what you need to do in your hook in this situation?
Updated by Sylvain V about 10 years ago
after submitting data, they are saved and authenticated…
so the hook's name let me think it will be called after authentication. I put my code directly in the controller inside register and it works as expected.
here: source:branches/2.5-stable/app/controllers/account_controller.rb#L128
May be still the expected behavior…
What I'm doing at this stage, is to assign the newly AuthSource authenticated user to a project and group and role.