I
I
Ivan Anikin2018-11-06 10:36:50
1C-Bitrix
Ivan Anikin, 2018-11-06 10:36:50

After changing the password via CUser::Update, CUser::Login login stops working for 20 minutes. What to do?

In the project, they did custom authorization themselves.
it was necessary to give the user the opportunity to log in and change the password by (email/phone) and stumbled upon the following problem:
When changing the password to a new one using the CUser::Update
$obUser = new \CUser();
$obUser->Update($user['ID'], ["PASSWORD" => $password, 'CONFIRM_CODE' => '', 'ACTIVE' => "Y"]);
in the b_user_auth_action table, a record is created for this user with the current time (ACTION = logout ACTION_DATE= current time),
apparently until a certain period specified somewhere in the settings
, the CUser::Login login function behaves strangely:
If the login / password data is incorrect, it gives an error that the data is entered incorrectly, and if it is correct, it gives the result that the user is successfully authorized BUT the authorization itself does not occur (apparently no data is written to the session or cookies are not created)
I decided as follows:
just when changing the password I clear the data for this user in this table
UserAuthActionTable::deleteByFilter(['USER_ID'=>$user['ID']]);
I hope they scold me here and answer how it was necessary to overcome this problem.

Answer the question

In order to leave comments, you need to log in

3 answer(s)
S
Sergey Panteleev, 2018-11-06
@randomizex

As already written above, pass CONFIRM_PASSWORD
and add the third parameter - this will disable adding an entry to the DocumentationCUser::Update($id, $fields, false)AuthAction

A
Andrey Nikolaev, 2018-11-06
@gromdron

I hope they scold me here and answer how it was necessary to overcome this problem.

Of course they will scold you: after all, you are making a crooked bicycle, instead of taking and using the standard CUser::ChangePassword ( its description in the API ).
If you really want to invent your own bicycles, then at least study how the standard works, and then invent your own.

S
serginhold, 2018-11-06
@serginhold

Is there a CONFIRM_CODE in the documentation somewhere?
there it seems like CONFIRM_PASSWORD, and you need to transfer the same thing as in PASSWORD

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question