[MDL-61707] Pre-signup (minor check) session is not deleted upon signup - Moodle Tracker

XML

Word

Printable

Details

Type: Bug
Status: Closed
Priority: Minor
Resolution: Fixed
Affects Version/s: 3.3.5, 3.4
Fix Version/s: 3.4.5, 3.5.2
Component/s: Authentication
Labels:
- ci
- release_notes
- triaged

Testing Instructions:
Hide

Log in as Admin:

enable 'Digital age of consent verification' (Site administration > Privacy Settings).

set 'Self registration' = 'Email-based self-registration' (Site administration > Plugins > Authentication > Manage authentication).

Logout as Admin.

In "Home" page follow the "Log in" link.

In the Login page click on "Create new account".

The 'Age and location verification' page should be displayed; fill out the form and make sure you the user is not a digital minor:

'What is your age?' = 30

'In which country do you live?' = Austria

Click "Proceed"

The signup page should be displayed; fill out the form and press "Create my new account".

After account creation go back to "Home" page; follow the "Log in" link.

In the Login page click on "Create new account".

make sure you are directed to the 'Age and location verification' page.
Show
Log in as Admin: enable 'Digital age of consent verification' (Site administration > Privacy Settings). set 'Self registration' = 'Email-based self-registration' (Site administration > Plugins > Authentication > Manage authentication). Logout as Admin. In "Home" page follow the "Log in" link. In the Login page click on "Create new account". The 'Age and location verification' page should be displayed; fill out the form and make sure you the user is not a digital minor: 'What is your age?' = 30 'In which country do you live?' = Austria Click "Proceed" The signup page should be displayed; fill out the form and press "Create my new account". After account creation go back to "Home" page; follow the "Log in" link. In the Login page click on "Create new account". make sure you are directed to the 'Age and location verification' page.
Affected Branches:
MOODLE_33_STABLE, MOODLE_34_STABLE
Fixed Branches:
MOODLE_34_STABLE, MOODLE_35_STABLE
Pull from Repository:
git://github.com/mihailges/moodle.git
Pull 3.5 Branch:
~~MDL-61707~~-35
Pull 3.5 Diff URL:
https://github.com/mihailges/moodle/compare/99d1a03857...MDL-61707-35
Pull Master Branch:
~~MDL-61707~~-master
Pull Master Diff URL:
https://github.com/mihailges/moodle/compare/0180369b27...MDL-61707-master

Description

The pre-signup (minor check) session is not deleted upon user sign up. The session being still present means the user can bypass the minor check (if activated) when attempting to create another account.

Steps to replicate:

As admin:
1. enable 'Digital age of consent verification' (Site administration > Privacy Settings).
2. set 'Self registration' = 'Email-based self-registration' (Site administration > Plugins > Authentication > Manage authentication).
Logout as Admin.
In "Home" page follow the "Log in" link.
In the Login page click on "Create new account".
The 'Age and location verification' page should be displayed; fill out the form and make sure you the user is not a digital minor:
- 'What is your age?' = 30
- 'In which country do you live?' = Austria
- Click "Proceed"

The signup page should be displayed; fill out the form and press "Create my new account".
After creation go back to "Home" page; follow the "Log in" link.
In the Login page click on "Create new account".
- you are directed to the 'Signup' page instead of 'Age and location verification' page.

Attachments

Options
- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

Attachments

screenshot-1.png
115 kB
25/Jul/18 6:00 PM

Issue Links

has a non-specific relationship to

MDL-63677 Random redirection during policy agreement and signup

Closed

Activity

People

Assignee:

Mihail Geshoski

Reporter:

Mihail Geshoski

Peer reviewer:

Carlos Escobedo

Integrator:

Andrew Nicols

Tester:

Janelle Barcega

Participants:

Andrew Nicols, Carlos Escobedo, CiBoT, David Monllaó, Eloy Lafuente (stronk7), Janelle Barcega, Mihail Geshoski

Component watchers:

Jake Dallimore, Jun Pataleta

Votes:

0 Vote for this issue

Watchers:

5 Start watching this issue

Dates

Created:

21/Mar/18 10:18 PM

Updated:

14/Dec/18 9:13 PM

Resolved:

27/Jul/18 2:10 PM

Fix Release Date:

10/Sep/18

Time Tracking

Estimated:

Remaining:

Logged:

30m