tituspijean / flarum-ext-auth-ssowat

[HALTED DEVELOPMENT] SSOwat authentication extension for Flarum, a simple forum software for building great communities.
MIT License

Signup new user fails once #17

Closed tituspijean closed 6 years ago

tituspijean commented 6 years ago

When using the login button for a new user, not already registered in Flarum, the SignUp modal is displayed with their username and email already filled. Clicking on Sign Up gives an error 500.

POST https://pijean.ovh/forum/register

<!DOCTYPE html><!--

Illuminate\Database\QueryException: SQLSTATE[42S22]: Column not found: 1054 Unknown column 'access_tokens.guest_id' in 'where clause' (SQL: delete from `access_tokens` where `access_tokens`.`guest_id` is null and `access_tokens`.`guest_id` is not null) in file /var/www/flarum/vendor/illuminate/database/Connection.php on line 662
Stack trace:
  1. Illuminate\Database\QueryException->() /var/www/flarum/vendor/illuminate/database/Connection.php:662
  2. PDOException->() /var/www/flarum/vendor/illuminate/database/Connection.php:411
  3. PDO->prepare() /var/www/flarum/vendor/illuminate/database/Connection.php:411
  4. Illuminate\Database\Connection->Illuminate\Database\{closure}() /var/www/flarum/vendor/illuminate/database/Connection.php:655
  5. Illuminate\Database\Connection->runQueryCallback() /var/www/flarum/vendor/illuminate/database/Connection.php:618
  6. Illuminate\Database\Connection->run() /var/www/flarum/vendor/illuminate/database/Connection.php:416
  7. Illuminate\Database\Connection->affectingStatement() /var/www/flarum/vendor/illuminate/database/Connection.php:371
  8. Illuminate\Database\Connection->delete() /var/www/flarum/vendor/illuminate/database/Query/Builder.php:1898
  9. Illuminate\Database\Query\Builder->delete() /var/www/flarum/vendor/illuminate/database/Eloquent/Builder.php:445
 10. Illuminate\Database\Eloquent\Builder->delete() /var/www/flarum/vendor/illuminate/database/Eloquent/Relations/Relation.php:330
 11. call_user_func_array() /var/www/flarum/vendor/illuminate/database/Eloquent/Relations/Relation.php:330
 12. Illuminate\Database\Eloquent\Relations\Relation->__call() /var/www/flarum/vendor/tituspijean/flarum-ext-auth-ssowat/src/Middleware/SSOwatMiddleware.php:55
 13. Illuminate\Database\Eloquent\Relations\HasMany->delete() /var/www/flarum/vendor/tituspijean/flarum-ext-auth-ssowat/src/Middleware/SSOwatMiddleware.php:55
 14. TitusPiJean\Flarum\Auth\SSOwat\Middleware\SSOwatMiddleware->__invoke() /var/www/flarum/vendor/zendframework/zend-stratigility/src/Dispatch.php:212
 15. Zend\Stratigility\Dispatch->dispatchCallableMiddleware() /var/www/flarum/vendor/zendframework/zend-stratigility/src/Dispatch.php:88
 16. Zend\Stratigility\Dispatch->__invoke() /var/www/flarum/vendor/zendframework/zend-stratigility/src/Next.php:160
 17. Zend\Stratigility\Next->__invoke() /var/www/flarum/vendor/flarum/core/src/Http/Middleware/SetLocale.php:51
 18. Flarum\Http\Middleware\SetLocale->__invoke() /var/www/flarum/vendor/zendframework/zend-stratigility/src/Dispatch.php:212
 19. Zend\Stratigility\Dispatch->dispatchCallableMiddleware() /var/www/flarum/vendor/zendframework/zend-stratigility/src/Dispatch.php:88
 20. Zend\Stratigility\Dispatch->__invoke() /var/www/flarum/vendor/zendframework/zend-stratigility/src/Next.php:160
 21. Zend\Stratigility\Next->__invoke() /var/www/flarum/vendor/flarum/core/src/Http/Middleware/AuthenticateWithSession.php:36
 22. Flarum\Http\Middleware\AuthenticateWithSession->__invoke() /var/www/flarum/vendor/zendframework/zend-stratigility/src/Dispatch.php:212
 23. Zend\Stratigility\Dispatch->dispatchCallableMiddleware() /var/www/flarum/vendor/zendframework/zend-stratigility/src/Dispatch.php:88
 24. Zend\Stratigility\Dispatch->__invoke() /var/www/flarum/vendor/zendframework/zend-stratigility/src/Next.php:160
 25. Zend\Stratigility\Next->__invoke() /var/www/flarum/vendor/flarum/core/src/Http/Middleware/RememberFromCookie.php:39
 26. Flarum\Http\Middleware\RememberFromCookie->__invoke() /var/www/flarum/vendor/zendframework/zend-stratigility/src/Dispatch.php:212
 27. Zend\Stratigility\Dispatch->dispatchCallableMiddleware() /var/www/flarum/vendor/zendframework/zend-stratigility/src/Dispatch.php:88
 28. Zend\Stratigility\Dispatch->__invoke() /var/www/flarum/vendor/zendframework/zend-stratigility/src/Next.php:160
 29. Zend\Stratigility\Next->__invoke() /var/www/flarum/vendor/flarum/core/src/Http/Middleware/StartSession.php:48
 30. Flarum\Http\Middleware\StartSession->__invoke() /var/www/flarum/vendor/zendframework/zend-stratigility/src/Dispatch.php:212
 31. Zend\Stratigility\Dispatch->dispatchCallableMiddleware() /var/www/flarum/vendor/zendframework/zend-stratigility/src/Dispatch.php:88
 32. Zend\Stratigility\Dispatch->__invoke() /var/www/flarum/vendor/zendframework/zend-stratigility/src/Next.php:160
 33. Zend\Stratigility\Next->__invoke() /var/www/flarum/vendor/flarum/core/src/Http/Middleware/ParseJsonBody.php:31
 34. Flarum\Http\Middleware\ParseJsonBody->__invoke() /var/www/flarum/vendor/zendframework/zend-stratigility/src/Dispatch.php:212
 35. Zend\Stratigility\Dispatch->dispatchCallableMiddleware() /var/www/flarum/vendor/zendframework/zend-stratigility/src/Dispatch.php:88
 36. Zend\Stratigility\Dispatch->__invoke() /var/www/flarum/vendor/zendframework/zend-stratigility/src/Next.php:160
 37. Zend\Stratigility\Next->__invoke() /var/www/flarum/vendor/flarum/core/src/Http/Middleware/HandleErrors.php:61
 38. Flarum\Http\Middleware\HandleErrors->__invoke() /var/www/flarum/vendor/zendframework/zend-stratigility/src/Dispatch.php:212
 39. Zend\Stratigility\Dispatch->dispatchCallableMiddleware() /var/www/flarum/vendor/zendframework/zend-stratigility/src/Dispatch.php:88
 40. Zend\Stratigility\Dispatch->__invoke() /var/www/flarum/vendor/zendframework/zend-stratigility/src/Next.php:160
 41. Zend\Stratigility\Next->__invoke() /var/www/flarum/vendor/zendframework/zend-stratigility/src/MiddlewarePipe.php:111
 42. Zend\Stratigility\MiddlewarePipe->__invoke() /var/www/flarum/vendor/flarum/core/src/Http/AbstractServer.php:55
 43. Flarum\Http\AbstractServer->__invoke() /var/www/flarum/vendor/zendframework/zend-diactoros/src/Server.php:162
 44. Zend\Diactoros\Server->listen() /var/www/flarum/vendor/flarum/core/src/Http/AbstractServer.php:36
 45. Flarum\Http\AbstractServer->listen() /var/www/flarum/index.php:16

Clicking again successfully signs up the user.

tituspijean commented 6 years ago

  1. SignUp modal is displayed because the user who is logging in is not yet registered.
  2. As the user went through the LogIn modal first, $session->set('ssowatUser', true)
  3. When submitting the SignUp form, SSOwat middleware interferes as ssowatUser is true and checks $_SERVER['PHP_AUTH_USER'] !== $actor->username, which is obviously false as the user is not actually logged in yet in Flarum
  4. Middleware tries to $this->authenticator->logOut($session); which fails as the user is not actually logged in yet.
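
An added illustration of the failure mode described in this thread, not code from the extension or from Flarum: the `Actor` class and `decide()` function are hypothetical stand-ins that model the middleware's identity check, with and without a guard for an actor who is still a guest. It assumes PHP 8 and uses constructed sample input.

```php
<?php
// Added illustration: Actor and decide() are hypothetical stand-ins,
// not classes or functions from Flarum or from this extension.

final class Actor
{
    public function __construct(public ?int $id, public ?string $username) {}

    // An actor without a database id is a guest (not registered or not logged in).
    public function isGuest(): bool
    {
        return $this->id === null;
    }
}

// Returns 'pass' (leave the request alone) or 'logout' (end the forum session).
function decide(array $server, array $session, Actor $actor, bool $guardGuests): string
{
    // Only sessions that went through the SSO login flow are checked.
    if (empty($session['ssowatUser'])) {
        return 'pass';
    }
    // Guard: a guest has no forum login to end, so there is nothing to revoke.
    if ($guardGuests && $actor->isGuest()) {
        return 'pass';
    }
    // Log out when the SSO identity no longer matches the forum identity.
    $ssoUser = $server['PHP_AUTH_USER'] ?? null;
    return $ssoUser !== $actor->username ? 'logout' : 'pass';
}

// Constructed sample input: SSO user "alice" with the session flag already set.
$server  = ['PHP_AUTH_USER' => 'alice'];
$session = ['ssowatUser' => true];
$cases = [
    'guest submitting sign-up' => new Actor(null, null),
    'matching member'          => new Actor(7, 'alice'),
    'mismatched member'        => new Actor(8, 'bob'),
];

foreach ($cases as $label => $actor) {
    printf(
        "%-26s unguarded=%-6s guarded=%s\n",
        $label,
        decide($server, $session, $actor, false),
        decide($server, $session, $actor, true)
    );
}
```

In the unguarded column the guest sign-up request takes the logout branch, which is the path that ends in the error 500 reported above; the mismatched member is still logged out in both columns.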