Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Fix #11031, 10930: fix anonymous user auto-login
The original issue with 10930 was that user verification, when checking to see if a user was logged in, would trigger automatic login of the anonymous user account, which would lead to a redirect loop, where each page load would auto-login the anonymous user and immediately log them out and redirect. The original fix for this disabled auto-login of the anonymous user account when calling auth_is_user_authenticated(), which broke expectations of much of the codebase. By re-enabling auto-login, but offering optional bypass of this process, it fixes both issues. Any page expecting to correctly work with unauthenticated users will need to pass a False parameter to the function to bypass automatic anonymous login.
- Loading branch information