Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-68287

User in request can be outdated during the login process

    Details

      Description

      If you create a loginPostAction and retrieve the user from the request using the API

      User user = PortalUtil.getUser(request);

      The object is outdated, you can test it because the attributes user.getLastLoginDate() and user.getLoginDate() have the old values.

      This is an error because you can use this object and add logic based on this dates.

      Steps to reproduce:

      1. Deploy attached module (blade.lifecycle.loginpostaction-1.0.0.jar) that implements a login.events.post
      2. Login into the portal
        Current behaviour Take a look at the log file and you will see a similar information like this:
        11:38:02,091 FATAL [http-nio-8080-exec-7][LoginPostAction:48] --- login.event.post
        11:38:02,094 FATAL [http-nio-8080-exec-7][LoginPostAction:49] Current date: Fri Sep 23 11:38:02 GMT 2016
        11:38:02,094 FATAL [http-nio-8080-exec-7][LoginPostAction:50] ---
        11:38:02,094 FATAL [http-nio-8080-exec-7][LoginPostAction:56] User from request attribute
        11:38:02,095 FATAL [http-nio-8080-exec-7][LoginPostAction:57] Login date: Fri Sep 23 11:33:24 GMT 2016
        11:38:02,095 FATAL [http-nio-8080-exec-7][LoginPostAction:58] Last login date: Fri Sep 23 09:57:48 GMT 2016
        11:38:02,095 FATAL [http-nio-8080-exec-7][LoginPostAction:60] ---
        11:38:02,096 FATAL [http-nio-8080-exec-7][LoginPostAction:62] User from Data Base
        11:38:02,096 FATAL [http-nio-8080-exec-7][LoginPostAction:65] Login date: Fri Sep 23 11:37:58 GMT 2016
        11:38:02,096 FATAL [http-nio-8080-exec-7][LoginPostAction:66] Last login date: Fri Sep 23 11:33:24 GMT 2016
        11:38:02,096 FATAL [http-nio-8080-exec-7][LoginPostAction:68] ---
        

      Expected behaviour Login date and last login date is the same for user in DB and user in Request just something like this:

      12:57:47,637 FATAL [http-nio-8080-exec-1][LoginPostAction:48] --- login.event.post
      12:57:47,638 FATAL [http-nio-8080-exec-1][LoginPostAction:49] Current date: Fri Sep 23 12:57:47 GMT 2016
      12:57:47,638 FATAL [http-nio-8080-exec-1][LoginPostAction:50] ---
      12:57:47,639 FATAL [http-nio-8080-exec-1][LoginPostAction:56] User from request attribute
      12:57:47,640 FATAL [http-nio-8080-exec-1][LoginPostAction:57] Login date: Fri Sep 23 12:57:42 GMT 2016
      12:57:47,640 FATAL [http-nio-8080-exec-1][LoginPostAction:58] Last login date: Fri Sep 23 12:55:43 GMT 2016
      12:57:47,640 FATAL [http-nio-8080-exec-1][LoginPostAction:60] ---
      12:57:47,640 FATAL [http-nio-8080-exec-1][LoginPostAction:62] User from Data Base
      12:57:47,642 FATAL [http-nio-8080-exec-1][LoginPostAction:65] Login date: Fri Sep 23 12:57:42 GMT 2016
      12:57:47,642 FATAL [http-nio-8080-exec-1][LoginPostAction:66] Last login date: Fri Sep 23 12:55:43 GMT 2016
      12:57:47,642 FATAL [http-nio-8080-exec-1][LoginPostAction:68] ---
      

        Attachments

        1. 7.0 pass.png
          7.0 pass.png
          37 kB
        2. blade.lifecycle.loginpostaction-1.0.0.jar
          6 kB
        3. master.jpg
          master.jpg
          23 kB
        4. pass.jpg
          pass.jpg
          29 kB

          Issue Links

            Activity

              People

              Assignee:
              steven.gao Steven Gao (Inactive)
              Reporter:
              jose.jimenez Jose Jimenez
              Participants of an Issue:
              Recent user:
              Csaba Turcsan
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:
                Days since last comment:
                5 years, 14 weeks, 3 days ago

                  Packages

                  Version Package
                  7.0.0 DXP SP2
                  7.0.0 DXP FP13
                  7.0.0 DXP SP3
                  7.0.3 CE GA4
                  7.1.X
                  Master