Merge branch 'release/3.4.3'

getgrav · May 19, 2021 · fbb181d · fbb181d
2 parents cc374a9 + 4a1aa36
commit fbb181d
Show file tree

Hide file tree

Showing 5 changed files with 31 additions and 25 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,3 +1,9 @@
+# v3.4.3
+## 05/19/2021
+
+1. [](#bugfix)
+    * Fixed failing Flex User validation if user has changed in the filesystem (requires Grav 1.7.13) [#278](https://github.com/getgrav/grav-plugin-login/issues/278)
+
 # v3.4.2
 ## 04/06/2021
 

diff --git a/README.md b/README.md
@@ -539,7 +539,7 @@ You can set the "Redirect after registration" option in the Login plugin, or as
 You can control whether or not a page is visible to a user by first enabling the option in the `login` configuration:
 
 ```
-dyanamic_page_visilbity: true
+dynamic_page_visibility: true
 ```
 
 With this activated you can put the following option into the header of each page:

diff --git a/blueprints.yaml b/blueprints.yaml
@@ -1,7 +1,7 @@
 name: Login
 slug: login
 type: plugin
-version: 3.4.2
+version: 3.4.3
 testing: false
 description: Enables user authentication and login screen.
 icon: sign-in

diff --git a/classes/Events/UserLoginEvent.php b/classes/Events/UserLoginEvent.php
@@ -101,7 +101,7 @@ public function __construct(array $items = [])
             $users = Grav::instance()['accounts'];
             $user = $users->load($this['credentials']['username']);
             if (is_callable([$user, 'refresh'])) {
-                $user->refresh();
+                $user->refresh(true);
             }
 
             $this->offsetSet('user', $user);

diff --git a/login.php b/login.php
@@ -104,27 +104,29 @@ public function onSessionStart(SessionStartEvent $event)
         $user = $session->user ?? null;
         if ($user && $user->exists() && ($this->config()['session_user_sync'] ?? false)) {
             // User is stored into the filesystem.
-
-            /** @var UserCollectionInterface $accounts */
-            $accounts = $this->grav['accounts'];
-
-            /** @var UserObject $stored */
-            if ($accounts instanceof FlexCollectionInterface) {
-                $stored = $accounts[$user->username];
-                if (is_callable([$stored, 'refresh'])) {
-                    $stored->refresh();
-                }
+            if ($user instanceof FlexObjectInterface && version_compare(GRAV_VERSION, '1.7.13', '>=')) {
+                $user->refresh(true);
             } else {
                 // TODO: remove when removing legacy support.
-                $stored = $accounts->load($user->username);
-            }
+                /** @var UserCollectionInterface $accounts */
+                $accounts = $this->grav['accounts'];
+                if ($accounts instanceof FlexCollectionInterface) {
+                    /** @var UserObject $stored */
+                    $stored = $accounts[$user->username];
+                    if (is_callable([$stored, 'refresh'])) {
+                        $stored->refresh(true);
+                    }
+                } else {
+                    $stored = $accounts->load($user->username);
+                }
 
-            if ($stored && $stored->exists()) {
-                // User still exists, update user object in the session.
-                $user->update($stored->jsonSerialize());
-            } else {
-                // User doesn't exist anymore, prepare for session invalidation.
-                $user->state = 'disabled';
+                if ($stored && $stored->exists()) {
+                    // User still exists, update user object in the session.
+                    $user->update($stored->jsonSerialize());
+                } else {
+                    // User doesn't exist anymore, prepare for session invalidation.
+                    $user->state = 'disabled';
+                }
             }
 
             if ($user->state !== 'enabled') {
@@ -455,7 +457,7 @@ public function handleUserActivation()
         $token = $uri->param('token');
         $user = $users->load($username);
         if (is_callable([$user, 'refresh'])) {
-            $user->refresh();
+            $user->refresh(true);
         }
 
         $redirect_route = $this->config->get('plugins.login.user_registration.redirect_after_activation');
@@ -1114,7 +1116,7 @@ public function userLoginAuthenticateByRememberMe(UserLoginEvent $event)
             // Allow remember me to work with different login methods.
             $user = $users->load($username);
             if (is_callable([$user, 'refresh'])) {
-                $user->refresh();
+                $user->refresh(true);
             }
 
             $event->setCredential('username', $username);
@@ -1133,8 +1135,6 @@ public function userLoginAuthenticateByRememberMe(UserLoginEvent $event)
 
             $event->setStatus($event::AUTHENTICATION_SUCCESS);
             $event->stopPropagation();
-
-            return;
         }
     }