XF 2.3 Auto login after email confirmation?

bennylava

Once a user confirms their email, they get a redirect back to the site. But isn't it supposed to log them in automatically? That way they can just start posting threads immediately. I had a relative try this for me on their phone, and it seems that you don't get logged in immediately after registering.

I can remember this working many times when signing up on XenForo forums. Maybe this is a setting that I need to change? I really need it to log them in automatically after email confirmation, on mobile.
 
It's never been that way - you probably were authenticated to the same browser when you clicked on the confirmation email.
The issue, I think some people run into, is that they do the email confirmation on a browser that they hadn't authenticated to the new site.

You really don't have any control over which browser they use and you can't authenticate across browsers. If the member registers and clicks the email confirmation into the same browser, it shouldn't be an issue.
> I had a relative try this for me on their phone, and it seems that you don't get logged in immediately after registering.
But did they really open the same browser? iPhone for example can potentially launch into a different browser (when clicking email confirmation link) depending on settings on that device.
 
What exactly does this authentication process entail? Does it mean they've visited the site before, and got a cookie in their browser?
 
If I'm not mistaken, you would find the xf_session and xf_user cookies set in each browser session that you have authenticated. These are the tokens that are set that keep you logged into XF sites. (again, these are per-browser and not shared)

You can view the cookies set in the developer console:
[Chrome/Edge] Developer Tools > Application > Storage > Cookies
[Firefox] Web Developer Tools > Storage > Cookies
 
So if they visit the site one time, they should get a cookie, correct?

This should mean that it automatically logs them in after they do the email verification.
 
Again, it depends on the browser session. If they verify the email in a different browser, they will not automatically be logged in to that specific session. (Example: register on the site in a Chrome session but verify their email in Safari/Edge/Firefox, they will not be logged into the site, except on Chrome, where the registration happened.)

You can only get the authentication token (xf_user) once you log in with a valid user account, per browser.
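
Added illustration, not part of the thread and not XenForo's code: a simplified model of the behaviour described above, where the login cookie lives in one browser's cookie jar and the emailed confirmation link only changes account state. The `ForumServer` class, its methods and the `run` helper are hypothetical; only the `xf_user` cookie name comes from the thread.

```python
import secrets

class ForumServer:
    """Toy model of per-browser cookie login (assumption, not XenForo code)."""

    def __init__(self):
        self.confirmed = {}   # username -> has the email been confirmed?
        self.links = {}       # emailed confirmation token -> username
        self.sessions = {}    # xf_user cookie value -> username

    def register(self, jar, username):
        # Per the thread, the browser used to register ends up logged in.
        self.confirmed[username] = False
        cookie = secrets.token_urlsafe(16)
        self.sessions[cookie] = username
        jar["xf_user"] = cookie            # stored only in this browser's jar
        token = secrets.token_urlsafe(16)
        self.links[token] = username
        return token                        # sent by email; any browser may open it

    def whoami(self, jar):
        # The server knows a visitor only by the cookie that browser sends.
        return self.sessions.get(jar.get("xf_user"))

    def open_confirmation_link(self, jar, token):
        username = self.links.pop(token, None)   # single-use link
        if username is not None:
            self.confirmed[username] = True      # account state changes...
        return self.whoami(jar)                  # ...but no cookie is issued here


def run(same_browser):
    """Register in one jar, open the emailed link in the same or another jar."""
    server = ForumServer()
    chrome, safari = {}, {}                      # two independent cookie jars
    token = server.register(chrome, "newuser")   # constructed sample user
    link_jar = chrome if same_browser else safari
    seen = server.open_confirmation_link(link_jar, token)
    return {
        "confirmed": server.confirmed["newuser"],
        "link_browser": seen,
        "register_browser": server.whoami(chrome),
    }


if __name__ == "__main__":
    print("different browser:", run(same_browser=False))
    print("same browser:     ", run(same_browser=True))
```

In both runs the account ends up confirmed; only the browser that holds the cookie is recognised as logged in.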
 
So for iPhone, this is unlikely to be a problem. IIRC Apple only allows the Safari browser on iPhone.

Although it doesn't seem likely to be a problem on Android either. Seems like most people will use the same browser to do everything, and not switch to a different one.
 
> IIRC Apple only allows the Safari browser on iPhone.
Incorrect. You can have Chrome and other browsers installed on iPhone.
Moreover, clicking on the confirmation link can spin up a different instance of the browser.

> Although it doesn't seem likely to be a problem on Android either. Seems like most people will use the same browser to do everything, and not switch to a different one.
It really depends on each configuration...

Example of iPhone browser selection after clicking an email link:
[Attachment: iphone_browser_c.webp]
 
There we go, that makes sense. Although I'm not sure why it would do a new instance just for this. And if it's the same browser, why wouldn't it still remember that it had been to the site and that it was verified? This whole thing seems like a big oversight.
 