Test login sequences
The test is to: Login with user A Logout Login with user B Logout Login with user A
- Normal cookie
- Remove local storage (dashboard) cookie (only)
- Remove kratos cookie (only)
- Remove hydra cooky (only)
Related merge requests 1
When this merge request is accepted, this issue will be closed automatically.
Activity
assigned to @mart
There is a redirect loop problem:
- Login
- Wait for 2FA login
- Don't login 2FA, click "password reset"
Loping between: GET https://dashboard.stackspin.net/web/login GET https://dashboard.stackspin.net/kratos/self-service/login/browser
(har file available, ask)
I'm inclined to say that this is a kratos bug: the
kratos/self-service/login/browserpage redirects back to login, and this in the kratos logs:Session was found but AAL is not satisfied for calling this endpoint.Which is a silly thing to say and do because this is a recovery flow. I'll see if we maybe misconfigured kratos to behave this way.
-
Adding that setting changes the redirect loop, but it's still there. We'll remove the "Set new password" link from the TOTP form to remediate this for now. Fixing the underlying problem seems tricky and it's also not the most urgent thing given that we remove this link: separate issue.
If the kratos cookie is deleted, but hydra is still there, and you change accounts, you get logged out immediately. on a second login, it works fine.
i do not find this a problem, as it apparently recovers something (remove Hydra is my best guess). other scenarios worked as expected for me
created branch
185-test-login-sequencesto address this issuementioned in merge request !162 (merged)
mentioned in commit 99424a9a
closed with merge request !162 (merged)
