lonnieezell / Bonfire2

CodeIgniter 4-based application skeleton
MIT License
131 stars 50 forks source link

Saving unchanged data in Settings->Users breaks login functionality #245

Closed dgvirtual closed 1 year ago

dgvirtual commented 1 year ago

I have opened the Users settings in Bonfire and saved them without changing anything. After that, when the user logs out, and tries to login again, he is greeted with an error message (this is the output in the log):

CRITICAL - 2022-12-09 14:35:40 --> Call to a member function getType() on null in VENDORPATH/codeigniter4/shield/src/Authentication/Authenticators/Session.php on line 444. 1 VENDORPATH/codeigniter4/shield/src/Authentication/Authenticators/Session.php(156): CodeIgniter\Shield\Authentication\Authenticators\Session->setAuthAction() 2 VENDORPATH/codeigniter4/shield/src/Controllers/LoginController.php(59): CodeIgniter\Shield\Authentication\Authenticators\Session->attempt([...]) 3 SYSTEMPATH/CodeIgniter.php(927): CodeIgniter\Shield\Controllers\LoginController->loginAction() 4 SYSTEMPATH/CodeIgniter.php(482): CodeIgniter\CodeIgniter->runController(Object(Bonfire\Auth\Controllers\LoginController)) 5 SYSTEMPATH/CodeIgniter.php(351): CodeIgniter\CodeIgniter->handleRequest(null, Object(Config\Cache), false) 6 FCPATH/index.php(67): CodeIgniter\CodeIgniter->run() 7 SYSTEMPATH/Commands/Server/rewrite.php(46): require_once('FCPATH/index.php') CRITICAL - 2022-12-09 14:38:51 --> Call to a member function getType() on null in VENDORPATH/codeigniter4/shield/src/Authentication/Authenticators/Session.php on line 444. 1 VENDORPATH/codeigniter4/shield/src/Authentication/Authenticators/Session.php(156): CodeIgniter\Shield\Authentication\Authenticators\Session->setAuthAction() 2 VENDORPATH/codeigniter4/shield/src/Controllers/LoginController.php(59): CodeIgniter\Shield\Authentication\Authenticators\Session->attempt([...]) 3 SYSTEMPATH/CodeIgniter.php(927): CodeIgniter\Shield\Controllers\LoginController->loginAction() 4 SYSTEMPATH/CodeIgniter.php(482): CodeIgniter\CodeIgniter->runController(Object(Bonfire\Auth\Controllers\LoginController)) 5 SYSTEMPATH/CodeIgniter.php(351): CodeIgniter\CodeIgniter->handleRequest(null, Object(Config\Cache), false) 6 FCPATH/index.php(67): CodeIgniter\CodeIgniter->run() 7 SYSTEMPATH/Commands/Server/rewrite.php(46): require_once('FCPATH/index.php')

I have traced the error to the setting that got saved to the database : class | key | value Config\Auth\Auth | actions | a:2:{s:5:"login";b:0;s:8:"register";b:0;}

I think the string in value column gets interpreted by the settings module as setting the original config array values

public array $actions = [ 'login' => null, 'register' => null, ];

to false instead of null. And then the code in Session.php on line 444 gets executed, while it should be omitted if the values in array were null...

So anyway, the functionality is too easily broken.

dgvirtual commented 1 year ago

I have done the same today with an updated codebase, and the functionality seems to be no longer broken. So I am closing this bug report.