[TYPO3-project-4-3] Relogin feature
Steffen Kamper
info at sk-typo3.de
Sun Sep 20 20:03:31 CEST 2009
Hi Dan,
Dan Osipov schrieb:
> This is still an issue.
>
> I have login configured to be superchallenged, and the challenge stored
> in session doesn't match what's sent by the ExtJS box. It fails on this
> condition:
> $_SESSION['login_challenge'] !== $loginData['chalvalue']
> class.t3lib_userauth, line 1138 (trunk)
>
> In addition, the login box sometimes fails to appear, even though the
> session has expired:
> http://bugs.typo3.org/view.php?id=10800
>
i'm currently heavy work on the finish parts for the beta, after that i
will track down the issue.
There are some things with the relogin which makes it bit more complex:
* js code is mixed up prototype and extJS. You may nothice such effects
as "getElementId was called with null value". Needs to refactored using
ExtJS only
* the hash used at initial login isn't valid anymore. Login has to be
done same way as the initial login
* feature needs to be switchable. The feature is useful, but sends one
request per minute. I don't know what the better is, TYPO3_CONF_VARS or
BE_USER
* relogin should only work for the logged in user, so only lets type
password again. Switch user should be done with regular logoff.
It should work out of the box, when it doesn't at final release, i agree
with Ingmar, it should be removed, but hopefully i can fix it.
If you don't agree with above notes, please give loud.
vg Steffen
More information about the TYPO3-project-4-3
mailing list