Skip to content

fix: chain filter does not update last_active #1160

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Aug 16, 2024
Merged

fix: chain filter does not update last_active #1160

merged 3 commits into from
Aug 16, 2024

Conversation

@kenjis
Copy link
Member

@kenjis kenjis commented Aug 12, 2024
edited
Loading

Description
Fixes #1154

The chain filter also should update last_active.

Checklist:

  • Securely signed commits
  • Component(s) with PHPDoc blocks, only if necessary or adds value
  • Unit testing, with >80% coverage
  • User guide updated
  • Conforms to style guide

@kenjis kenjis added the bug Something isn't working label Aug 12, 2024
@kenjis kenjis mentioned this pull request Aug 12, 2024
Closed
datamweb
datamweb requested changes Aug 12, 2024
View reviewed changes
Copy link
Collaborator

@datamweb datamweb left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This feature only works when session/tokens filter is active.

shield/src/Config/Auth.php

Lines 157 to 167 in 0ead2a1

/**
* --------------------------------------------------------------------
* Record Last Active Date
* --------------------------------------------------------------------
* If true, will always update the `last_active` datetime for the
* logged-in user on every page request.
* This feature only works when session/tokens filter is active.
*
* @see https://codeigniter4.github.io/shield/quick_start_guide/using_session_auth/#protecting-pages for set filters.
*/
public bool $recordActiveDate = true;

@warcooft
Copy link
Contributor

warcooft commented Aug 12, 2024

@kenjis said: Yes,chain uses either session or tokens or hmac by default.

chain
The filter will check authenticators in sequence to see if the user is logged in through either of authenticators, allowing a single API endpoint to work for both an SPA using session auth, and a mobile app using access tokens.
https://shield.codeigniter.com/references/controller_filters/?h=chain#provided-filters

@kenjis kenjis force-pushed the fix-ChainAuth-last_active branch from 27cfb36 to 566ef50 Compare August 12, 2024 08:10
@kenjis
Copy link
Member Author

kenjis commented Aug 12, 2024

@datamweb The option is used in HmacAuth, JWTAuth, SessionAuth, and TokenAuth filters.
Find 'Auth.recordActiveDate' in the source code.

Updated the comment for $recordActiveDate.

datamweb
datamweb approved these changes Aug 12, 2024
View reviewed changes
Copy link
Collaborator

@datamweb datamweb left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@warcooft Thank you for your participation.
@kenjis Yes, the text should have been updated.

LGTM!

@kenjis kenjis merged commit e17a042 into codeigniter4:develop Aug 16, 2024
@kenjis kenjis deleted the fix-ChainAuth-last_active branch August 16, 2024 02:25
@michalsn michalsn mentioned this pull request Jul 14, 2025
Merged
5 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@datamweb datamweb datamweb approved these changes

+1 more reviewer

@warcooft warcooft warcooft approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

bug Something isn't working

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Bug: last_active not set when filter set to chain

3 participants

@kenjis @warcooft @datamweb