Log in | Register
  1. Forum
  3. Non-Commercial Extensions
  5. SCLogin Enhanced Login
  7. Logged out users are automatically re-logged in

Topic-icon Logged out users are automatically re-logged in

Active Subscriptions:

None
2 years 6 months ago #67593 by NJK
Logged out users are automatically logged in again, under certain circumstances. Only if they are logged out by the system, instead of logging out themselves.

Steps to reproduce:
1. Log in to frontend using SCLogin
2. Let the user time out, or kick the user out using backend Control Panel. Check to make sure the user is logged out.
3. Return to the frontend and refresh the screen.

Expected result:
The user is still logged out.

Actual result:
The user is logged in again automatically, without even touching the login button.

Tested on two different sites with SCLogin 9.0.181 and Joomla 3.10.3.
 
The topic has been locked.
Support Specialist
2 years 6 months ago #67595 by mel
What is the behavior when the user clicks the logout button from SCLogin? Does the same behavior occur?

Try with no caching enabled, specifically the System Cache plugin. This can cause oddities with authentication.

Try logging in with the standard Joomla module and see if the behavior is the same. Since you're not using JFBConnect, SCLogin is a pretty simple module and we suspect that it is something else causing this. If you disable SCLogin and use the standard Login module, it would indicate that the problem lies elsewhere.

-Melissa
The topic has been locked.
Active Subscriptions:

None
2 years 6 months ago - 2 years 6 months ago #67596 by NJK
If the user clicks the logout button from SCLogin, it's ok. When logging in using the standard Joomla module, everything is ok too. Using SCLogin version 8.x it's also ok.

This happens when using SCL version 9.x, and the user is logged out by the sysem, either by timeout (the Session Lifetime setting in Global Configuration) or an admin logs the user out using the backend. Cache be on or off, it doesn't seem to matter, we had different setings on the tested sites. Also tested now on Joomla 4.0.4, it's still the same.

-Frode
 
Last edit: 2 years 6 months ago by NJK.
The topic has been locked.
Support Specialist
2 years 6 months ago #67599 by alzander
The SCLogin module uses Joomla's authentication system to log the user in. The process is identical to using the mod_login from Joomla, so I don't know how there would be any difference between a user logging in with the SCLogin module vs logging in with the Joomla module.

Just to confirm, you are logging in using Joomla credentials and not a social network account, correct? The SCLogin module does support JFBConnect, our social authentication system, but I'm assuming you're not using that.

We will gladly test as well if you'd like. I'd ask you to setup the SCLogin module and Joomla login module on the same page, send us the URL and test account details (non-administrator). Then, we can login with each and wait for the timeout (just let us know how long that is) and see if the same thing happens. If so, we'll definitely be intrigued and help narrow it down.

Thanks,
Alex
The topic has been locked.
  1. Forum
  3. Non-Commercial Extensions
  5. SCLogin Enhanced Login
  7. Logged out users are automatically re-logged in
From the Blog
Facebook | Twitter | LinkedIn | Blog RSS