Skip to content

Fixed customertoken not generating after configured failure in a row #34001

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 5 commits into from
Sep 23, 2021
Merged

Fixed customertoken not generating after configured failure in a row #34001

merged 5 commits into from
Sep 23, 2021

Conversation

sagar2009kumar
Copy link
Contributor

@sagar2009kumar sagar2009kumar commented Sep 6, 2021
edited by m2-assistant bot
Loading

Description (*)

This pull request solves the issue when a customer has tried too many fail attempt (i.e more no of times than in the configuration)for generating the customer token via graphql or rest api. Then the customer is not able to log into the system ever.

Related Pull Requests

Fixed Issues (if relevant)

  1. Fixes magento/magento2#<issue_number>

Manual testing scenarios (*)

  1. Make more number of unsuccessful attempt than the configured number of times (configuration can be found in Services->Oauth) to generate the customer token via generateCustomerToken graphql api.
  2. After that, the customer would not be able to generate the token even with correct credentials.

Questions or comments

The issue was occuring because in the current system, there was no any check if lock_expires_at in oauth_token_request_log is greater than current date time. So, the system always returns the no of failed attempts.

For example, let's say, if the configured no of failed attempt is 6. And the customer has tried 7 times to generate the customer token via graphql api. Now, after the expiry time of lock_expires_at even when he/she tries with correct credentials, he/she is not able to generate the customer token and get the exception

'The account sign-in was incorrect or your account is disabled temporarily. '
. 'Please wait and try again later.'
image

This is a major issue for the Scandi PWA login as customer is not able to logged into the PWA after trying too many unsuccessful attempt.

To resolve the issue, i have applied the check if lock_expires_at is greater than current date time. Then we got zero token in that case and when the customer login with correct credentials, he/she will log into the system.

Please let me know if you need additional test cases (i have to make the test cases, lol) or any other description you want.

Contribution checklist (*)

  • [ *] Pull request has a meaningful description of its purpose
  • [ *] All commits are accompanied by meaningful commit messages
  • All new or changed code is covered with unit/integration tests (if applicable)
  • README.md files for modified modules are updated and included in the pull request if any README.md predefined sections require an update
  • All automated tests passed successfully (all builds are green)

Resolved issues:

  1. resolves [Issue] Fixed customertoken not generating after configured failure in a row #34067: Fixed customertoken not generating after configured failure in a row

@sagar2009kumar
Fixed the not expiry of token in generateCustomerToken graphql
c1290c5 
When we have more login failure in the api for creation of token than the configured times. It does not allow us to generate new token because there is no any check of 'lock_expires_at'.
@sagar2009kumar
Merge pull request #1 from sagar2009kumar/sagar2009kumar-graphql-gene…
c76bbe6 
…rateCustomerToken

Fixed the not expiry of token in generateCustomerToken graphql
BarnyShergold
BarnyShergold requested changes Sep 6, 2021
View reviewed changes
Copy link

@BarnyShergold BarnyShergold left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The code here looks fine but you need to properly fill out the PR description to explain the issue being solved, what the fix does and how to test (if appropriate)

A good example of a PR description : #33998

@sagar2009kumar
Copy link
Contributor Author

@BarnyShergold I have updated the description. Please check and let me know if you need more clarification or anything else needed.

BarnyShergold
BarnyShergold approved these changes Sep 6, 2021
View reviewed changes
Copy link

@BarnyShergold BarnyShergold left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice! Excellent update

@BarnyShergold
Copy link

@magento run all tests

@magento-automated-testing
Copy link

The requested builds are added to the queue. You should be able to see them here within a few minutes. Please re-request them if they don't show in a reasonable amount of time.

@magento-engcom-team
Copy link
Contributor

Hi @BarnyShergold, thank you for the review.
ENGCOM-9215 has been created to process this Pull Request
✳️ @BarnyShergold, could you please add one of the following labels to the Pull Request?

Label Description
Auto-Tests: Covered All changes in Pull Request is covered by auto-tests
Auto-Tests: Not Covered Changes in Pull Request requires coverage by auto-tests
Auto-Tests: Not Required Changes in Pull Request does not require coverage by auto-tests

@sagar2009kumar
Copy link
Contributor Author

@magento run all tests again.

@magento-automated-testing
Copy link

Failed to run the builds. Please try to re-run them later.

@sagar2009kumar
Copy link
Contributor Author

@BarnyShergold , Can you please let me know why this issue is occuring, i think it is more of a code style rather than code ? Can you please suggest ? Thanks in advance.
image

BarnyShergold
BarnyShergold requested changes Sep 7, 2021
View reviewed changes
Copy link

@BarnyShergold BarnyShergold left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Try this update to start

@BarnyShergold BarnyShergold added the Auto-Tests: Covered All changes in Pull Request is covered by auto-tests label Sep 7, 2021
@sagar2009kumar
Updated the code style
9c079dc 
Updated the code according to the standards of phpdocumenter with inheritdoc.

Co-authored-by: Barny Shergold <[email protected]>
@sagar2009kumar
Copy link
Contributor Author

@magento run all tests

@magento-automated-testing
Copy link

The requested builds are added to the queue. You should be able to see them here within a few minutes. Please re-request them if they don't show in a reasonable amount of time.

BarnyShergold
BarnyShergold requested changes Sep 8, 2021
View reviewed changes
Copy link

@BarnyShergold BarnyShergold left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You are also getting this fail - Failed asserting that '2021-09-07 13:04:59' contains "2021-09-07 13:05". (testEditCompanyActionLogging) /var/www/html/dev/tests/integration/testsuite/Magento/Company/LoggingTest.php

@sidolov sidolov added Priority: P1 Once P0 defects have been fixed, a defect having this priority is the next candidate for fixing. Severity: S1 Affects critical data or functionality and forces users to employ a workaround. labels Sep 9, 2021
BarnyShergold
BarnyShergold approved these changes Sep 14, 2021
View reviewed changes
Copy link

@BarnyShergold BarnyShergold left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

All tests now passing

@magento-engcom-team
Copy link
Contributor

Hi @BarnyShergold, thank you for the review.
ENGCOM-9215 has been created to process this Pull Request

@sagar2009kumar
Copy link
Contributor Author

@engcom-Alfa , Please approve the changes or let me know if there is any change needed. 😄

@BarnyShergold
Copy link

@magenti run all tests

@sagar2009kumar
Copy link
Contributor Author

@magento run all tests

@magento-automated-testing
Copy link

The requested builds are added to the queue. You should be able to see them here within a few minutes. Please re-request them if they don't show in a reasonable amount of time.

@sagar2009kumar
Copy link
Contributor Author

@magento run all tests

@magento-automated-testing
Copy link

The requested builds are added to the queue. You should be able to see them here within a few minutes. Please re-request them if they don't show in a reasonable amount of time.

@BarnyShergold
Copy link

@magento run Integration Tests,WebAPI Tests

@magento-automated-testing
Copy link

The requested builds are added to the queue. You should be able to see them here within a few minutes. Please re-request them if they don't show in a reasonable amount of time.

@engcom-Charlie engcom-Charlie self-assigned this Sep 23, 2021
@engcom-Charlie
Copy link
Contributor

It seems that all the review comments has been taken care so moving it further.

Thank you!

@engcom-Charlie engcom-Charlie removed their assignment Sep 23, 2021
@engcom-Alfa
Copy link
Contributor

Re-tested today completely and the report remains same as mentioned in above-comment. Hence moving it to Merge In Progress.

magento-engcom-team pushed a commit that referenced this pull request Sep 23, 2021
@sidolov
ENGCOM-9215: Fixed customertoken not generating after configured fail…
69a4880 
…ure in a row #34001
@magento-engcom-team magento-engcom-team merged commit db2fd53 into magento:2.4-develop Sep 23, 2021
@m2-assistant
Copy link

m2-assistant bot commented Sep 23, 2021

Hi @sagar2009kumar, thank you for your contribution!
Please, complete Contribution Survey, it will take less than a minute.
Your feedback will help us to improve contribution process.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Den4ik Den4ik Den4ik approved these changes

@BarnyShergold BarnyShergold BarnyShergold approved these changes

@andrewbess andrewbess andrewbess approved these changes

@engcom-Alfa engcom-Alfa Awaiting requested review from engcom-Alfa

Assignees

@Den4ik Den4ik

@BarnyShergold BarnyShergold

@andrewbess andrewbess

@engcom-Alfa engcom-Alfa

Labels
Auto-Tests: Covered All changes in Pull Request is covered by auto-tests Component: Integration Priority: P1 Once P0 defects have been fixed, a defect having this priority is the next candidate for fixing. Progress: accept Release Line: 2.4 Severity: S1 Affects critical data or functionality and forces users to employ a workaround.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[Issue] Fixed customertoken not generating after configured failure in a row
9 participants
@sagar2009kumar @BarnyShergold @magento-engcom-team @andrewbess @engcom-Alfa @hostep @engcom-Charlie @Den4ik @sidolov