Not possible to log out when "Login automatically" option is enabled.

Created on 13 February 2025, 2 months ago

Problem/Motivation

Once you logged in by IP you will not be able to log out when site uses "Login automatically" option. Module immediately logs you in again.

Steps to reproduce

1. Enable "Login automatically" option in IP Login configuration.
2. Set your current IP address to one of the site users.
3. Once you approach the site you will be logged in by IP.
4. Try to log out.

Proposed resolution

I guess user has to be logged out if he insists :) I'm not sure what is the best way to handle it. Probably, it requires to set up cookie variable for an hour or so when user tries to log out. When in EarlyIpLoginMiddleware we can check if cookie exists and skip login process, similar thing is done with ipLoginAttempted cookie. In an hour cookie will die and user could use auto login by IP again.

🐛 Bug report
Status

Active

Version

4.0

Component

Code

Created by

🇵🇱Poland nsavitsky

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

  • Issue created by @nsavitsky
  • 🇦🇹Austria agoradesign

    I've just started to write a bugfix for this solution, when I saw that there isn't a bug at all, it's just a lack of documentation.

    The module ships with a permission log in as another user. When I installed the module, I've interpreted the permission name in a wrong way. So I gave permission to higher (moderator/admin/...) roles only, but in the end it's very important to have this permission on the auto-login user's role. This way you won't get re-logged in immediately, instead may choose to go to the login form instead and login as any user you like or even stay logged out for a while.

    Either way, I'll leave this open and tag it with "needs documentation", as this is a very important feature that obviously not everyone finds out immediately :D

Production build 0.71.5 2024