Log in | Register
  1. Forum
  3. Discontinued Products
  5. JFBConnect v8.x Support (Joomla 3 Only) (CLOSED)
  7. User gets logged in with different account than what he uses

Topic-icon User gets logged in with different account than what he uses

Active Subscriptions:

None
7 years 9 months ago #58658 by tekdinet
Hi,

I have observed this issue couple of times now.. On our site users can login using google and facebook. The issue is observed with 4-5 users who had registered with google account. When they try to login with This email address is being protected from spambots. You need JavaScript enabled to view it. / This email address is being protected from spambots. You need JavaScript enabled to view it. the welcome username/ realname they see in sclogin module is for another user This email address is being protected from spambots. You need JavaScript enabled to view it. / This email address is being protected from spambots. You need JavaScript enabled to view it.

I have read the forums before and have tried any settings / solutions mentioned there without a luck. What I have observed is, this happens when the user account for This email address is being protected from spambots. You need JavaScript enabled to view it. is not present in jfbconnect users list.. I have no clue how the entry gets deleted from jfbconnect users list when it was there and account was working perfectly fine for the user. Am I missing anything here?

Since we want to use it on a production site, this is security concern.

Thanks for any help!
The topic has been locked.
Support Specialist
7 years 9 months ago #58663 by alzander
The main way that what you describe can happen is in the following case:
* You have an account for user A on your site.
* You open 2 separate tabs in your browser. Both for your home page.
* In the first tab, you login with user A
* The second tab still shows no user has been logged in, because it was opened before A logged in. In this second tab, if you try to authenticate with Facebook or Google, JFBConnect will think you're trying to update user A's account to be associated with the Facebook/Google account you're authenticating with

There's not a way to fix this as the browser is doing what it's supposed to by sending the proper cookies signaling the same browser session. Joomla is doing what it's doing and letting JFBConnect know that a user has already authenticated during this session. JFBConnect is doing what it thinks is right in associating the social login with the existing Joomla account that is logged in.

I hope that helps explain. The only way we've *ever* heard of this happening is the above scenario. It only happens when you're using the same browser, on the same computer, to login to multiple accounts in different ways. It's not something that would normally happen in the real world and we haven't heard of any real-world scenarios of this being a problem.

However, please test and let us know if you think there's some other course of action that causes the accounts to be incorrectly logged into, as you note above and we'll gladly help investigate further however we can.

THanks,
Alex
The topic has been locked.
Active Subscriptions:

None
7 years 8 months ago #58932 by tekdinet
Hello Alex,

It seems we had gone through the same steps you have mentioned. Since a tested tests with multiple accounts from same machine, this could have been caused the mapping issue. As of now this can be marked resolved.

Thanks!
The topic has been locked.
Support Specialist
7 years 8 months ago #58947 by alzander
Glad to hear we could help explain. If you run into anything else or need further assistance, just let us know.

Thanks,
Alex
The topic has been locked.
  1. Forum
  3. Discontinued Products
  5. JFBConnect v8.x Support (Joomla 3 Only) (CLOSED)
  7. User gets logged in with different account than what he uses
From the Blog
Facebook | Twitter | LinkedIn | Blog RSS