Possibly related to https://bugzilla.mozilla.org/show_bug.cgi?id=924421 ?

I'm finding that users with mixed case email addresses on persona that are logging into a Drupal site where their email address is stored in lowercase go into a loop where they are constantly logged out, then back in, then back out etc.

So the login process appears to go fine, no errors, but then as soon as they're logged in they get logged out, and as soon as they're logged out they get logged in again.

Don't know if some of the folks reporting refresh loops in #2236551: Certificate change due to Heartbleed might be experiencing this issue.

Comments

lightsurge’s picture

lightsurge commented

This seems to work:

1) get user to remove their mixed case email on https://login.persona.org/
2) get user to sign out on https://login.persona.org/
2) get user to clear their browser cache/cookies and close/re-open browser
3) destroy their session on Drupal with drupal_session_destroy_uid($uid);
4) get user to login with a lower case email

But a bit of a nightmare

lightsurge’s picture

lightsurge commented

Here's the bug on the persona queue:
https://github.com/mozilla/persona/issues/3878

lightsurge’s picture

lightsurge commented
Status: Active » Fixed

Duh.. looks like this must be fixed in 7.x dev with

  // If the account email has different casing to the supplied email, update
  // the account to match the supplied email. This ensures Drupal and Persona
  // are in agreement.
  if ($account->mail != $email) {
    user_save($account, array('mail' => $email));
  }

How did I not see that, and probably a much simpler fix than I was in the middle of coming up with :-/

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.