Project

General

Profile

Actions

Bug #96978

closed

Backend "Stay logged in" button does refresh the login-session

Added by Benjamin Franzke almost 3 years ago. Updated about 2 years ago.

Status:
Closed
Priority:
Should have
Category:
Backend User Interface
Start date:
2022-02-20
Due date:
% Done:

100%

Estimated time:
TYPO3 Version:
11
PHP Version:
Tags:
Complexity:
Is Regression:
Sprint Focus:

Description

Steps to reproduce:

1. Set $GLOBALS['TYPO3_CONF_VARS']['BE']['sessionTimeout'] to 70.
2. Login via /typo3/
3. Wait 60 seconds for the login-refresh-popup to occur
4. Click the "Stay logged in" button
5a Wait 10 seconds and click on a module => A redirect to the login screen will appear
5b Wait another 60 seconds => A password-box will appear because the session has not been updated.

Description:
For unknown reasons the /ajax/login/refresh
route has never been used (all the way back to v6),
to request a session timeout update.

Instead the route /ajax/login/timedout, without the
skipSessionUpdate=1 parameter has been used to
refresh an existing session.

With the introducting of configurable loute parameters
in #81409 this inconsitency wasn't noticed and the
skipSessionUpdate parameter has been moved into the
route-configuration, which meant /ajax/login/timedout was
always called with skipSessionUpdate=1,
even as result of the "Stay logged in" button, where
a session update was intended.

Use the dedicated /ajax/login/refresh route
in order to actually refresh the session.


Related issues 1 (0 open1 closed)

Related to TYPO3 Core - Feature #81409: Move skipSessionUpdate values to AjaxRoutes configClosedJohannes Goslar2017-06-01

Actions
Actions #1

Updated by Benjamin Franzke almost 3 years ago

  • Related to Feature #81409: Move skipSessionUpdate values to AjaxRoutes config added
Actions #2

Updated by Gerrit Code Review almost 3 years ago

  • Status changed from New to Under Review

Patch set 1 for branch main of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/73618

Actions #3

Updated by Gerrit Code Review almost 3 years ago

Patch set 2 for branch main of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/73618

Actions #4

Updated by Gerrit Code Review over 2 years ago

Patch set 3 for branch main of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/73618

Actions #5

Updated by Gerrit Code Review over 2 years ago

Patch set 4 for branch main of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/73618

Actions #6

Updated by Gerrit Code Review over 2 years ago

Patch set 1 for branch 11.5 of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/73624

Actions #7

Updated by Gerrit Code Review over 2 years ago

Patch set 1 for branch 10.4 of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/73625

Actions #8

Updated by Benjamin Franzke over 2 years ago

  • Status changed from Under Review to Resolved
  • % Done changed from 0 to 100
Actions #9

Updated by Benni Mack about 2 years ago

  • Status changed from Resolved to Closed
Actions

Also available in: Atom PDF