Skip to content

When a logged-in user calls confirmEmailAndSignIn(), the user ID does not update #310

@cpatracker

Description

@cpatracker

When we try to retrieve user information after calling $auth->confirmEmailAndSignIn() using $auth->getUserId(), it returns the user ID of the previously logged-in user instead of the newly registered one.

The flow is as follows:

  1. User 1 is logged in
  2. User 1 tries to register a new account for a friend (User 2) by opening the registration form, entering the required information, and requesting a confirmation link
  3. User 1 opens the confirmation link for User 2
  4. confirmEmailAndSignIn() is called; User 2’s email is confirmed, and their account is created
  5. When we attempt to log information about the new user (User 2) to the logs or database, getUserId() still returns the ID of User 1

Possible workaround
$auth->logOut() can be called during the confirmation link process, but this will log out the user even if they click on an invalid confirmation link

Metadata

Metadata

Assignees

No one assigned

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions