Closed Bug 558143 Opened 16 years ago Closed 15 years ago

Logged-in status not reflected till user refreshes the page

Categories

(addons.mozilla.org Graveyard :: Public Pages, defect, P4)

Product:
addons.mozilla.org Graveyard
Component:
Public Pages
Type:
defect

Tracking

(Not tracked)

Status:
VERIFIED FIXED

People

(Reporter: krupa.mozbugs, Assigned: jbalogh)

References

(
URL
)

Details

Attachments

(1 file, 1 obsolete file)

Headers for /login
3.85 KB, text/plain
Details
Note:Tester is not logged in. steps to reproduce: 1.Go to https://preview.addons.mozilla.org/en-US/firefox/search?q=collection_name&cat=collections 2.Log in expected behavior: User is logged in.There is a log out link actual behavior: Logged-in status is not reflected till user refreshes the page. screencast: http://screencast.com/t/OGM1ODExYjYt
I can reproduce this behavior in zamboni as well STR: 1.Tester is not logged in 2.Go to https://preview.addons.mozilla.org/z/en-US/thunderbird/addon/2313/ 3.Log in 4.The add-on detail page loads after log in. observed behavior: Logged-in status is not reflected till user refreshes the page Adding [z] to the whiteboard
Whiteboard: [z]
That's a crazy bug!
Priority: -- → P4
Whiteboard: [z] → [z][required amo-qa-team]
Target Milestone: --- → 5.12.2
Tried to reproduce with the link in comment 1. That's broken because of /z/ in the URL, works fine without it.
Status: NEW → RESOLVED
Closed: 15 years ago
Resolution: --- → WORKSFORME
Once upon a time, this was reproducible on both remora and zamboni. However, some supernatural power has fixed this bug before Wil could get to it.
Status: RESOLVED → VERIFIED
I was able to reproduce this issue but while logging-out STR: 1. Log in to preview 2. Log out observed behavior: User is still logged-in. Headers indicate that the problem may be due to redirects. screencast: http://screencast.com/t/3B8dQIKq
Status: VERIFIED → REOPENED
Resolution: WORKSFORME → ---
Attached file headers (obsolete) —
(In reply to comment #7) > Created attachment 489844 [details] > headers I don't see anything hitting /login there.
https://addons.allizom.org/users/logout?to=/en-US/firefox/ GET /users/logout?to=/en-US/firefox/ HTTP/1.1 Host: addons.allizom.org User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.12) Gecko/20101026 Firefox/3.6.12 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en,kn;q=0.7,en-us;q=0.3 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: https://addons.allizom.org/en-US/firefox/ Cookie: csrftoken=25671f410e34f4f2aeabb0f30989bd76; amo_home_promo_seen=5; AMOappName=firefox; sessionid=2964fd8dad65cd055d35176543987b49 HTTP/1.1 302 Found Server: Apache X-Backend-Server: pm-app-amo24 Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, private Content-Type: text/html; charset=UTF-8 Date: Fri, 12 Nov 2010 19:33:51 GMT Location: https://addons.allizom.org/en-US/users/logout?to=%2Fen-US%2Ffirefox%2F Keep-Alive: timeout=5, max=1000 X-AMO-ServedBy: pm-app-amo24.mozilla.org Pragma: no-cache Via: Moz-Cache-pm-zlb-amo01 Connection: Keep-Alive X-Powered-By: PHP/5.2.9 X-Cache-Info: not cacheable; response specified "Cache-Control: no-store" Content-Length: 0
filed comment 7 as bug 611785. Moving this bug back to WORKSFORME
Status: REOPENED → RESOLVED
Closed: 15 years ago15 years ago
Resolution: --- → WORKSFORME
I can consistently reproduce this with the STR in bug 652749. This is the problem: [z] Click "Log in" [r] GET /en-US/firefox/users/login?to=%2Fen-US%2Ffirefox%2Faddon%2Ffftbm1%2Fabuse%2F [r] POST /en-US/firefox/users/login HTTP/1.1 [r] 302 Location: https://addons.allizom.org/en-US/firefox/addon/fftbm1/abuse/ [r] Set-Cookie: AMOv3=r951c...1eu6; path=/; secure; HttpOnly [z] GET /en-US/firefox/addon/fftbm1/abuse/ HTTP/1.1 [z] Set-Cookie: sessionid=8a3fc2496716d3b1cc009abcf77f0745; Domain=.addons.allizom.org; Path=/ /login goes through remora so zamboni has not assigned a session cookie. We see AMOv3 during the GET and assign a sessionid as part of our r-to-z shim. During the rest of the request the user appears to be anonymous, but subsequent requests see the cookie. Solutions: 1. Move /login to zamboni 2. Move the login shim up the MIDDLEWARE_CLASSES list so the shim happens before any other auth stuff.
Status: RESOLVED → REOPENED
Resolution: WORKSFORME → ---
Target Milestone: 5.12.2 → Q2 2011
Attached file Headers for /login
Attachment #489844 - Attachment is obsolete: true
I'm getting this, too. It insists I'm not logged in on the homepage, however I can get to devhub, editor tools, etc.
> ... > 2. Move the login shim up the MIDDLEWARE_CLASSES list so the shim happens > before any other auth stuff. > ... Is it really that easy? If so, let's do it
Assignee: nobody → jbalogh
Target Milestone: Q2 2011 → 6.1.1
(In reply to comment #16) > > ... > > 2. Move the login shim up the MIDDLEWARE_CLASSES list so the shim happens > > before any other auth stuff. > > ... > > Is it really that easy? If so, let's do it After looking closer, I don't think this will actually work, but I'm trying it anyway in https://github.com/jbalogh/zamboni/commit/bdda4b1.
Status: REOPENED → NEW
Whiteboard: [z][required amo-qa-team]
Status: NEW → RESOLVED
Closed: 15 years ago15 years ago
Resolution: --- → FIXED
I haven't been able to reproduce the problem anymore. Marking this verified for now. However, I'll reopen if it surfaces again.
Status: RESOLVED → VERIFIED
Product: addons.mozilla.org → addons.mozilla.org Graveyard
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: