CMS Made Simple Forums

Content management as it is meant to be
https://forum.cmsmadesimple.org/

FEU3 cannot login via API

https://forum.cmsmadesimple.org/viewtopic.php?t=81474

Page 1 of 1

FEU3 cannot login via API

Posted: Mon Aug 12, 2019 2:59 am
by rotezecke
Using FEU 3.1 on 2.2.10.
I have about 140 user accounts - all of which login via API, and never via FEU forms. This now fails after upgrade from 2.14.3.4
when logging in via FEU forms, things work as expected. Simplified:

Code: Select all

$mod = \cms_utils::get_module('FrontEndUsers');
$uid  =  $mod->CheckPassword( $username, $password, $myGroup );
This used to return the user ID, but now that's always 0 (in the API documentation, the CheckPassword function has no return value listed).
Edit: I also tested the Login() method, and the return array tells me the Login failed.

----------------------------------------------

Cms Version: 2.2.10

Installed Modules:

CGBlog: 1.15.13
CGExtensions: 1.64.6
CGSimpleSmarty: 2.2.1
CGSmartImage: 1.22.7
CMSContentManager: 1.1.7
CMSMailer: 6.2.14
Captcha: 1.0
DesignManager: 1.1.6
FileManager: 1.6.8
FormBuilder: 0.8.1.6
FrontEndUsers: 3.1.0
JM_Forum: 1.1.rc.1
JQueryTools: 1.4.2
LISE: 1.3.1
LISEaccommodationdb: 1.3.1
LISEinstallersdb: 1.3.1
ModuleManager: 2.1.6
Navigator: 1.0.9
News: 2.51.6
RPCTools: 1.0.b.1
Search: 1.51.6


Config Information:

php_memory_limit:
max_upload_size: 64000000
url_rewriting: mod_rewrite
page_extension: .html
query_var: page
auto_alias_content: true
locale:
set_names: true
timezone: Australia/Sydney
permissive_smarty: true


Php Information:

phpversion: 7.2.21-1+0~20190807.25+debian8~1.gbp935ebf
md5_function: On (True)
json_function: On (True)
gd_version: 2
tempnam_function: On (True)
magic_quotes_runtime: Off (False)
E_ALL: 22527
E_STRICT: 0
E_DEPRECATED: 0
test_file_timedifference: No time difference found
test_db_timedifference: No time difference found
create_dir_and_file: 1
memory_limit: 128M
max_execution_time: 30
register_globals: Off (False)
output_buffering: 4096
disable_functions: pcntl_alarm, pcntl_fork, pcntl_waitpid, pcntl_wait, pcntl_wifexited, pcntl_wifstopped, pcntl_wifsignaled, pcntl_wifcontinued, pcntl_wexitstatus, pcntl_wtermsig, pcntl_wstopsig, pcntl_signal, pcntl_signal_get_handler, pcntl_signal_dispatch, pcntl_get_last_error, pcntl_strerror, pcntl_sigprocmask, pcntl_sigwaitinfo, pcntl_sigtimedwait, pcntl_exec, pcntl_getpriority, pcntl_setpriority, pcntl_async_signals,
open_basedir:
test_remote_url: Success
file_uploads: On (True)
post_max_size: 8M
upload_max_filesize: 64M
session_save_path: /var/lib/php/sessions (1733)
session_use_cookies: On (True)
xml_function: On (True)
xmlreader_class: On (True)
check_ini_set: On (True)
curl: On


Performance Information:

allow_browser_cache: Off (False)
browser_cache_expiry: 0
php_opcache: On (True)
smarty_cache: Off (False)
smarty_compilecheck: On (True)
auto_clear_cache_age: On (True)

Server Information:

Server Software: Apache/2.4.10 (Debian)
Server Api: apache2handler
Server Os: Linux 3.16.0-8-amd64 On x86_64
Server Db Type: MySQL (mysqli)
Server Db Version: 5.5.62
Server Db Grants: Found a "GRANT ALL" statement that appears to be suitable


Permission Information:

tmp: /var/www/cmsms/tmp (0775)
tmp_cache: /var/www/cmsms/tmp/cache (0755)
templates_c: /var/www/cmsms/tmp/templates_c (0755)
modules: /var/www/cmsms/modules (0775)
uploads: /var/www/cmsms/uploads (0775)
File Creation Mask (umask): /var/www/cmsms/tmp/cache (0755)
config_file: 0777

----------------------------------------------

Re: FEU3 cannot login via API

Posted: Mon Aug 12, 2019 9:31 am
by rotezecke
i managed to force a login without password check like this:

Code: Select all

  $uid = $mod->GetUserID($username);
$mod->SetUserLoggedin($uid);
However, if i test for group membership I get a new error

Code: Select all

  $uid = $mod->GetUserID($username);
if($mod->MemberOfGroup($uid,3))
{
	$mod->SetUserLoggedin($uid);
}
[Mon Aug 12 19:18:38.232775 2019] [php7:error] [pid 3576] [client 192.168.1.30:49244] PHP Fatal error: Uncaught TypeError: Argument 1 passed to FrontEndUsers\\UserCacheManipulator::get_user() must be of the type integer, null given, called in /var/www/cmsms/modules/FrontEndUsers/lib/class.FrontEndUsersManipulator.php on line 1358 and defined in /var/www/cmsms/modules/FrontEndUsers/lib/class.UserCacheManipulator.php:9\nStack trace:\n#0 /var/www/cmsms/modules/FrontEndUsers/lib/class.FrontEndUsersManipulator.php(1358): FrontEndUsers\\UserCacheManipulator->get_user(NULL)
#1 [internal function]: FrontEndUsers\\FrontEndUsersManipulator->MemberOfGroup(15, 3)
#2 /var/www/cmsms/modules/FrontEndUsers/lib/class.UserManipulatorInterface.php(20): call_user_func_array(Array, Array)
#3 [internal function]: FrontendUsers\\UserManipulatorInterface->__call('MemberOfGroup', Array)
#4 /var/www/cmsms/modules/FrontEndUsers/lib/class.UserManipulatorInterface.php(20): call_user_func_array(Array, Array)
#5 [internal function]: FrontendUsers\\UserManipulatorInterface->__call('MemberOfGroup', Array)
#6 /var/www/cmsms/modules/FrontEndUsers/lib/ in /var/www/cmsms/modules/FrontEndUsers/lib/class.UserCacheManipulator.php on line 9, referer: https://hippo.rpc.lan/catalog/account.php

Re: FEU3 cannot login via API

Posted: Mon Aug 12, 2019 12:55 pm
by calguy1000
There is a small typo in the MemberOfGroup function. fixed that.

BTW.
a: CheckPassword only checks the username and password and retrieves a uid it does not log the user in. Because in a 2FA scenario you need to do one more piece of authentication before the user can be logged in.

b: If you are using SetUserLoggedin() you are also responsible for ensuring that the user account is not disabled, or expired etc. There are methods for this called CanUserLogin()

Re: FEU3 cannot login via API

Posted: Mon Aug 12, 2019 5:43 pm
by rotezecke
Both CheckPassword() and Login() method do not work for me when I specify a group name.

Code: Select all

$uid      =  $mod->CheckPassword( $username, $password, $myGroupString);
echo "ID: $uid"; die();
returns ID: 0
whereas

Code: Select all

$uid      =  $mod->CheckPassword( $username, $password);
echo "ID: $uid"; die();
returns ID: 15
The group membership is confirmed. Also not working

Code: Select all

$result = $mod->Login($username, $password, 'shareholders');
echo "username: $username<br>";
echo "password: $password<br>";
print_r($result); die();
returns
Array ( [0] => [1] => Login failed. This probably means that you entered an invalid username or password. But your account may have also expired or been disabled by an administrator. Please double check your login credentials, and if they are correct you may need to contact the site administrator. )
whereas

Code: Select all

$result = $mod->Login($username, $password);
echo "username: $username<br>";
echo "password: $password<br>";
print_r($result); die();
returns
Array ( [0] => [1] => 15)

Re: FEU3 cannot login via API

Posted: Mon Aug 12, 2019 10:17 pm
by calguy1000
I fixed a simple typo in that function.

v3.1.1 is released.

Re: FEU3 cannot login via API

Posted: Mon Aug 12, 2019 11:09 pm
by rotezecke
Thanks Robert. I installed FEU 3.1.1 but now there's a new error. My base template includes something like:

Code: Select all

{if ! feu_smarty::is_user_memberof('shareholders')}...{/if}
which as of 3.1.1 results in

Code: Select all

[Tue Aug 13 08:53:24.016426 2019] [php7:error] [pid 1711] [client 127.0.0.1:35608] PHP Fatal error:  Uncaught Error: Call to a member function LoggedInId() on null in /var/www/cmsms/modules/FrontEndUsers/lib/class.feu_smarty.php:275\nStack trace:\n#0 /var/www/cmsms/tmp/templates_c/abddff7771ddda4a197287e0717c3b5eaccb2360_0.template.2015_base.php(95): feu_smarty::is_user_memberof('shareholders')
#1 /var/www/cmsms/lib/smarty/sysplugins/smarty_template_resource_base.php(128): content_5d50d153066867_82019300(Object(CMS_Smarty_Template))
#2 /var/www/cmsms/lib/smarty/sysplugins/smarty_template_compiled.php(172): Smarty_Template_Resource_Base->getRenderedTemplateCode(Object(CMS_Smarty_Template))
#3 /var/www/cmsms/lib/smarty/sysplugins/smarty_internal_template.php(206): Smarty_Template_Compiled->render(Object(CMS_Smarty_Template))
#4 /var/www/cmsms/lib/smarty/sysplugins/smarty_internal_template.php(372): Smarty_Internal_Template->render()
#5 /var/www/cmsms/lib/smarty/sysplugins/smarty_internal_runtime_inheritance.php(116): Smarty_Internal_Template->_subTemplateRender('template:2015_b...', 'p15', NULL, 0, 3600, Array,  in /var/www/cmsms/modules/FrontEndUsers/lib/class.feu_smarty.php on line 275
i realise this is probably not related to the previously described problems and should really be its own post. then again, i didnt want to fill up the modules forum just with my crap.

Re: FEU3 cannot login via API

Posted: Mon Aug 12, 2019 11:42 pm
by calguy1000
Are you sure you clicked the 'upgrade' button?

That code wasn't touched... but that error could happen if for some reason the feu_smarty class could not get the FrontEndUsers object.

Re: FEU3 cannot login via API

Posted: Tue Aug 13, 2019 12:10 am
by rotezecke
Aarh, you are correct, i tested with the wrong CMSMS install. I have not verified whether the rest is working yet, but that error was false alarm.
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited