Create user and login issue

Hi,

I’m trying to create an user and auto login but i couldnt achive like following:

$kirby->impersonate("kirby");
$user = User::create([
      'email'     => 'bastian@getkirby.com',
      'name'      => 'Bastian',
      'role'      => 'admin',
      'language'  => 'en',
      'password'  => 'topSecret',
      'content'   => [
        'twitter'   => '@getkirby',
        'position'  => 'founder'
      ]
    ]);
$user->loginPasswordless();

loginPasswordless() method always return NULL

Also tried with impersonate() before loginPasswordless() like that but still not working:

$kirby->impersonate($user->id());
$kirby->impersonate($user->username());
$kirby->impersonate($user->email());

$user->loginPasswordless();

I tested this with passing the current session as parameter and that worked:

$user->loginPasswordless($kirby->session());

I have tested like your said but returns kirby@getkirby.com as superuser

var_dump($kirby->user());
$kirby->impersonate("kirby");
$user = User::create([
  'email'     => 'bastian@getkirby.com',
  'name'      => 'Bastian',
  'role'      => 'admin',
  'language'  => 'en',
  'password'  => 'topSecret',
  'content'   => [
    'twitter'   => '@getkirby',
    'position'  => 'founder'
  ]
]);
$user->loginPasswordless($kirby->session());
var_dump($kirby->user());

Output:

NULL // Before login

// After loginPasswordless()
object(Kirby\Cms\User)#261 (7) {
  ["avatar"]=>
  NULL
  ["content"]=>
  object(Kirby\Cms\Content)#23 (0) {
  }
  ["email"]=>
  string(18) "kirby@getkirby.com"
  ["id"]=>
  string(5) "kirby"
  ...
  ...
  ...
  ["username"]=>
  string(18) "kirby@getkirby.com"
}

Yes, but if you dump($user) instead, you get the correct user and if you visit the Panel, you will see you are logged in as Bastian.

You right! If i refresh the page, new user session return. So this is a bug.
loginPasswordless() method should overwrite the current session, am i wrong?

Btw loginPasswordless() method works without session params if page refreshed like i said

$user->loginPasswordless();

Don’t see why you would have to refresh the page if you dump($user)

So it seems, I thought you had tested this and found it not working, so I didn’t even try.

Simple: I would expect for the session to be updated after logging in :))

Btw, this example will not work:

PR for this issue:

I’m not so sure, have you tested the example with a custom authentication method?

I have tested few scenarios:

Working without impersonate() method:

$user = $kirby->user("USERID");
$user->loginPasswordless();
var_dump($kirby->user()); // Return bastian@getkirby.com

Not working with impersonate() method:

$kirby->impersonate("kirby");
$user = $kirby->user("USERID");
$user->loginPasswordless();
var_dump($kirby->user()); // Return kirby@getkirby.com

So it did not work because we used the impersonate() method to create a new user.

It makes sense to reset the impersonate user anyway when done:

$kirby->impersonate(null);

Didnt work

var_dump($kirby->user());
$kirby->impersonate("kirby");
$user = User::create($data);
$kirby->impersonate();
$user->loginPasswordless();
var_dump($kirby->user());

Output:

NULL

NULL