Work better with masquerade

Open on Drupal.org →

Created on 6 February 2025, 17 days ago

Problem/Motivation

When the masquerade → module is in use, permitted users can masquerade themselves as other users without knowing their password. When the re-authenticate dialog pops up, the current user has no chance to recover from that situation and needs to log out. This is inconvenient and should be improved.

Proposed resolution

I'm not sure, which approach would be best. For now, collecting ideas on what could be done.

Idea 1: if the timeout is reached and the current session is a masquerade, automatically unmasquerade the current user and show them the re-auth dialog for their own account.

Idea 2: in a masquerade session, let the original user unlock the browser session with their own password.

Idea 3: let's see what else we can come up with ...

📌 Task

Status

Active

Version

1.0

Component

Code

Created by

🇩🇪Germany jurgenhaas Gottmadingen

Live updates comments and jobs are added and updated live.

Sign in to follow issues

Comments & Activities

Issue created by @jurgenhaas
Comment 15 days ago →
System Message

jurgenhaas → committed de30ab5e on 1.0.x
Issue #3504903 by jurgenhaas: Work better with masquerade
Comment 15 days ago →
System Message

jurgenhaas → committed f7cb1519 on 1.0.x
Issue #3504903 by jurgenhaas: Work better with masquerade
Comment 15 days ago →
System Message

jurgenhaas → committed 7a3f24df on 1.0.x
Issue #3504903 by jurgenhaas: Work better with masquerade
Comment 15 days ago →
🇩🇪Germany jurgenhaas Gottmadingen
I went for the idea 2 for now: if the current session is a masquerade, the original user has to provide their password to unlock the session.
Comment 15 days ago →
🇩🇪Germany jurgenhaas Gottmadingen

contrib.social Blog FAQ Discussions

Production build 0.71.5 2024