Answer the question
In order to leave comments, you need to log in
Why are BITRIX_SM_... cookies not set during authorization?
Good afternoon.
I do authorization on the BITRIX website. More precisely, I copy the finished functionality from another site (on a different hosting), however, there is an old version of BITRIX and php 5.6, and here is the latest (without a license yet) and php 7.4.
In general, authorization works, but does not renew, even when the settings "Allow authorization to remember", "Use secure storage of authorization in cookies", "Spread authorization to all domains" are enabled.
For authorization, custom functionality is used, which authorizes by a verification code sent in SMS. Those. the person indicated his phone number, Bitrix checks for the presence of a user with this number and sends an SMS with a confirmation code. After entering the correct code, the function is triggered:CUser::Authorize($ID,true)
I draw your attention to the fact that the second parameter is set to true and, in theory, it is responsible for enabling authorization saving. But that doesn't happen.
I tried to replace this function and manually authorize the user by the CUSER::Login($LOGIN,$PASSWORD,"Y")
third parameter of which is also responsible for saving authorization, but the effect is also zero.
I noticed that during authorization cookies from the BITRIX_SM_......... series are not set, in particular, BITRIX_SM_LOGIN, BITRIX_SM_UIDH - which are responsible for this. However, the useless BITRIX_SM_SOUND_LOGIN_PLAYED is set. Which is very strange.
Perhaps someone has come across this situation? Tell me where to dig? I'm leaning towards the idea that it's probably the php/server settings that are preventing proper cookies from being saved.
Answer the question
In order to leave comments, you need to log in
What version of Bitrix?
Authorization happens by an Ajax-request? If so, how do you return a response from the server?
In the latest versions (19.0-20.5) they changed how they work with cookies, and in principle they changed the request processing process a lot.
To send cookies set through Bitrix, try adding the following code after your header before dying:
\Bitrix\Main\Context::getCurrent()->getResponse()->writeHeaders();
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question