Jump to content

api login strange behavior


Frank Vèssia
 Share

Recommended Posts

Hello,
my login code is acting very strange, when a superuser is trying to login is working fine, with other roles the server crashes and I get server error 500. I tried to debug but I cannot find any explicable reason for this
 

 
	<?php
if($input->post->email){
    $email = $sanitizer->email($input->post->email);
    $pass  = $sanitizer->text($input->post->password);
    $response = array();
    $errors   = "";
    if($email == ''){
        $response['type'] = "error";
        $response['msg'] = "Email non valida";
        echo json_encode($response);
        exit;
    }
    if( $pass == '' ){
        $response['type'] = "error";
        $response['msg'] = "Password non valida";
        echo json_encode($response);
        exit;
    }
    $checkUser = $users->get("email=$email");
    if($checkUser->id){
        try {  
            $uname = $checkUser->name;
            $user = $session->login($uname,$pass); 
            if($user && $user->id && $user->id != 40){
                $response['type'] = "success";
                $response['msg']  = "Utente loggato";
            }else{
                $response['type'] = "error";
                $response['msg'] = 'Password non valida. Riprova';
            }
        } catch(WireException $e){ // in case of multiple false login (throttle login)
             $errors .= $e->getMessage();
        }    
    }else{
        $response['type'] = "error";
        $response['msg'] = 'Email non trovata.';
    }
	if($errors != ''){
        $response['type'] = "error";
        $response['msg'] = $errors;
    }
    echo json_encode($response);
}

Link to comment
Share on other sites

18 hours ago, Sevarf2 said:

after few more debugs I found out the issue


Error: Call to a member function isDefault() on null in /home/iltuopre/public_html/wire/core/PagesLoaderCache.php:237

Any idea what is it?

Just had a quick look.

Lines #235-240 in PagesLoaderCache.php have this:

if($this->wire('languages')) {
  $language = $this->wire('user')->language;
  if(!$language->isDefault()) {
  	$selector .= ", _lang=$language->id"; // for caching purposes only, not recognized by PageFinder
  }
}

Line #237 is where the isDefault() method is called. The error you are getting indicates that in line #236, $language returned null. null cannot have the method isDefault(), hence the error.

The reason, it would seem, we are getting null is that language is not being set for the current user (or theoretically, that there is no current user? - but don't think so). 

Maybe try to set a language for the user via the API before you log them in.

https://processwire.com/api/ref/languages/set-language/

On a side note, why are you sanitizing passwords? :-).

  • Like 1
Link to comment
Share on other sites

I just tried with no luck, it seemed a reasonable solution ?
 get the same error when I perform session->logout()..but I don't understand, the user has the default language set...how can be null and why only non admin user?

 

18 minutes ago, kongondo said:

On a side note, why are you sanitizing passwords? :-).

Good question lol

Link to comment
Share on other sites

I tested your code and it works fine for me; no errors. "Utente loggato" :-). I tested with both my supersuser role and one other non-superuser role. For the non-supersuser, I tested with their language as the default (i.e. in the backend) and also with their language as German (in the backend). I tested with both namespaced and non-namespaced variants of your code as well as with and without sanitising the password.

I am wondering whether the issue is caused by the user roles? 

Have you tried to debug $checkUser? Is everything there OK?

Another side note. I don't know your use case but just wondering why you are explicitly stating (error messages) whether it is the email or the password that is invalid for failed logins :-).

 

Link to comment
Share on other sites

At this point I think that something inside the DB is broken or so because the code is fine and always worked even in other applications, yes probably is something related with the roles because it happens only to non admin users and it happens also on logout where there is no login code involved.
It is very strange, I also made a test displaying the current user language just before the logout with any issue and during logout I got the error $language undefined for the current user....

14 hours ago, kongondo said:

Another side note. I don't know your use case but just wondering why you are explicitly stating (error messages) whether it is the email or the password that is invalid for failed logins :-).

 

I like to be precise on what's happening by telling the users where is the problem instead of generic login error messages.

Link to comment
Share on other sites

2 hours ago, Sevarf2 said:

At this point I think that something inside the DB is broken or so because the code is fine and always worked even in other applications,

Maybe test on a clean install?

In case it helps, the role I tested with had some editing permissions, by the way. What permissions do your have? 

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...