Early Bird Registration for DrupalCon Portland 2024 is open! Register by 23:59 PST on 31 March 2024, to get $100 off your ticket.
When you create a user account through the "/user/register" endpoint, you no longer get an authenticated account with a valid session cookie. This is a change from Services 7.x-3.3.
Is this intended behavior or an unintentional bug?
Comments
Comment #1
ygerasimov CreditAttribution: ygerasimov commented@lhridley can you provide a patch with test that fails if user is not logged-in after registering a user?
Comment #2
lhridley CreditAttribution: lhridley commentedI'm going to close this issue for now. I set up a clean drupal install and was unable to duplicate this problem so it is most likely another module that is installed on the site we're developing that is interfering. If I manage to track the problem down, I'll reopen.
Comment #3
edxxu CreditAttribution: edxxu commentedSame issue. I tried to register a user through user/register endpoint using chrome Postman tool, and response shows that a user is created successfully, then i refresh the page, it gives a message: "Registration successful. You are now logged in." , but actually not.
Comment #4
marcingy CreditAttribution: marcingy commentedComment #5
edxxu CreditAttribution: edxxu commentedI looked into the code and found that it will not result in a logged in session unless your resouse $controller['callback'] contains the string "login" or "logout". For example the register call back is '_user_resource_create' and if you change it to '_user_resource_create_login' or 'login_user_resource_create' or even '_usloginer_resource_create', the new created account will log in.
Comment #6
yaworsk CreditAttribution: yaworsk commentedNoticed this as well. With reference to _services_controller_execute_preserve_user_switch_anonymous, if I comment out:
$preserve_session = strpos($controller['callback'], 'login') === FALSE && strpos($controller['callback'], 'logout') === FALSE;
and replace it with:
$preserve_session = FALSE;
the user does get logged in on registration. Wondering what the rationale is for this behaviour and whether it could be changed?
Comment #7
kylebrowning CreditAttribution: kylebrowning commentedHappy to see code that obliges registration, but not something I can take on at this time.
If you provide a patch, please re-open the issue as a feature request.