User 'Last Login' not being recorded

Matthew_Martin · October 19, 2021, 3:47pm

To be completed by the original poster:

CMS Version

2.3.12 & 2.3.10

Player Type

Windows but not applicable

Player Version

not applicable

Issue

Users last login is not being recorded by the CMS. It does properly show who is currently logged in when I make that column visible but oddly does not update the last logged in time, there is also a active session. We have two different servers with one at 2.3.10 and one at 2.3.12 and neither records the last logged in time.

We are using CAS 2fa, so that may be a factor?

Any ideas?

natasha · October 20, 2021, 3:08pm

Hello and welcome to the Community.

We have the following issue recorded here:

github.com/xibosignage/xibo

CAS Authentication middleware does not update user last login as expected.

opened 05:07PM - 19 Oct 21 UTC

phanku

bug

Hello, My development team has identified a verifiable and replicable bug wi…thin version 2.3.10+ version of the CMS. ### The issue: All user's last login time stamp is never updated when leveraging the CAS Middleware option that is provided within the Xibo CMS. We followed the instructions located at: [https://xibo.org.uk/docs/setup/cas-as-an-authentication-provider](https://xibo.org.uk/docs/setup/cas-as-an-authentication-provider) to implement the CAS authentication middleware. The login process works and all users are able to login but as stated above the user's last login time stamp is never updated within the database. ### How to replicate: We are using the Docker version of the Xibo CMS. 1. Set a viable CAS authentication server within the `/custom/settings-custom.php` file. 2. Verify the login process works and then view the users section of the CMS. Note the last login time stamp of the user. 3. Logout of the CMS. 4. Login to the CMS and note the last login time stamp of the user. ### The solution: After some research we have determined that the `/lib/Middleware/CASAuthentication.php` file is missing the code needed to cause the CMS to update the last login timestamp for the user. The solution was identified in [https://github.com/xibosignage/xibo-cms/blob/713a950911990e873c73c8a1b2a967f2827aae66/lib/Middleware/AuthenticationBase.php#L84](https://github.com/xibosignage/xibo-cms/blob/713a950911990e873c73c8a1b2a967f2827aae66/lib/Middleware/AuthenticationBase.php#L84) Add the below code to `/lib/Middleware/CASAuthentication.php` after line 112: ` if ($user->hasIdentity()) { $user->touch(); } `

Thank you for posting

system · January 19, 2022, 9:08pm

This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.