Merge pull request #1160 from kenjis/fix-ChainAuth-last_active

kenjis · web-flow · commit e17a042d7c9c · 2024-08-16T11:25:29.000+09:00
fix: `chain` filter does not update `last_active`
diff --git a/src/Config/Auth.php b/src/Config/Auth.php
@@ -160,7 +160,7 @@ class Auth extends BaseConfig
      * --------------------------------------------------------------------
      * If true, will always update the `last_active` datetime for the
      * logged-in user on every page request.
-     * This feature only works when session/tokens filter is active.
+     * This feature only works when session/tokens/hmac/chain/jwt filter is active.
      *
      * @see https://codeigniter4.github.io/shield/quick_start_guide/using_session_auth/#protecting-pages for set filters.
      */
diff --git a/src/Filters/ChainAuth.php b/src/Filters/ChainAuth.php
@@ -17,7 +17,6 @@
 use CodeIgniter\HTTP\IncomingRequest;
 use CodeIgniter\HTTP\RedirectResponse;
 use CodeIgniter\HTTP\RequestInterface;
-use CodeIgniter\HTTP\Response;
 use CodeIgniter\HTTP\ResponseInterface;
 
 /**
@@ -29,14 +28,8 @@
 class ChainAuth implements FilterInterface
 {
     /**
-     * Do whatever processing this filter needs to do.
-     * By default it should not return anything during
-     * normal execution. However, when an abnormal state
-     * is found, it should return an instance of
-     * CodeIgniter\HTTP\Response. If it does, script
-     * execution will end and that Response will be
-     * sent back to the client, allowing for error pages,
-     * redirects, etc.
+     * Checks authenticators in sequence to see if the user is logged in through
+     * either of authenticators.
      *
      * @param array|null $arguments
      *
@@ -53,10 +46,18 @@ public function before(RequestInterface $request, $arguments = null)
         $chain = config('Auth')->authenticationChain;
 
         foreach ($chain as $alias) {
-            if (auth($alias)->loggedIn()) {
+            $auth = auth($alias);
+
+            if ($auth->loggedIn()) {
                 // Make sure Auth uses this Authenticator
                 auth()->setAuthenticator($alias);
 
+                $authenticator = $auth->getAuthenticator();
+
+                if (setting('Auth.recordActiveDate')) {
+                    $authenticator->recordActiveDate();
+                }
+
                 return;
             }
         }

Original file line number	Diff line number	Diff line change
`@@ -160,7 +160,7 @@ class Auth extends BaseConfig`
`160`	`160`	`* --------------------------------------------------------------------`
`161`	`161`	* If true, will always update the `last_active` datetime for the
`162`	`162`	`* logged-in user on every page request.`
`163`		`- * This feature only works when session/tokens filter is active.`
	`163`	`+ * This feature only works when session/tokens/hmac/chain/jwt filter is active.`
`164`	`164`	`*`
`165`	`165`	`* @see https://codeigniter4.github.io/shield/quick_start_guide/using_session_auth/#protecting-pages for set filters.`
`166`	`166`	`*/`