Uploaded image for project: 'Blesta Core'
  1. Blesta Core
  2. CORE-1701

Remove logins via user ID

        Details

        • Type: Improvement
        • Status: Closed
        • Priority: Blocker
        • Resolution: Fixed
        • Affects Version/s: None
        • Fix Version/s: 4.0.0-b1
        • Component/s: None
        • Labels:
          None

          Description

          Blesta supports the legacy use of logging in via user ID. The user ID is not shown in v3+, and so is not likely to be used, and has been deprecated as of v3.5.0-b5.

          Allowing login via user ID poses a problem as described in CORE-1700, where a numeric username may match multiple records, thus making the selection of the 'correct' user arbitrary.

          Users::auth needs to be updated to remove authentication of a user by `users`.`id`.

            Activity

            There are no comments yet on this issue.

              People

              • Assignee:
                tyson Tyson Phillips (Inactive)
                Reporter:
                tyson Tyson Phillips (Inactive)
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Fix Release Date:
                  15/Sep/16

                  Agile