TYPO3 Core

The extension uses $GLOBALS['TSFE']->fe_user->isCookieSet() to determine, if a cookie warning message will be shown or not. The message is however never shown, since in a scenario, where the user login was successful, the isCookieSet() method will always return true, since AbstractUserAuthentication will return a cookie in the response to the client.

For TYPO3 12, the request token check will not even authenticate the user, if the pre-session cookie is not present. So ext:felogin will basically never know, if authentication was successful but cookies are disabled.

I could verify, that this feature is also broken in the legacy plugin of ext:felogin (tested TYPO3 8.7 - 10.4).

Since the current "cookie waring" in ext:felogin does not work and can not be fixed easily, it is best to remove it completely and rely on the default message shown, when the login was not successful. This message includes a hint, that authentication was not successful, either caused by wrong credentials or because of disabled cookies.