Summary:
Once notAllowedError is set in useValidateAuthenticator, it is never cleared, even after a successful login. This causes canAccessMainView to remain false, effectively locking the user out of the CMS until a full page reload.
Steps to Reproduce:
- Set up an
Authenticator that returns false or throws an error (e.g. based on user role)
- Attempt login with a user who should not have access:
notAllowedError is set- The error message is correctly displayed
- Log in with a user who should be allowed:
Authenticator returns trueauthController.user is updated- But
notAllowedError remains set
canAccessMainView remains false- User remains stuck in the Login screen
Expected Behavior:
When Authenticator returns true, and a new user is authenticated, the internal notAllowedError should be cleared (e.g. set to false) so that canAccessMainView becomes true and the main CMS interface is shown.
Summary:
Once
notAllowedErroris set inuseValidateAuthenticator, it is never cleared, even after a successful login. This causescanAccessMainViewto remainfalse, effectively locking the user out of the CMS until a full page reload.Steps to Reproduce:
Authenticatorthat returns false or throws an error (e.g. based on user role)notAllowedErroris setAuthenticatorreturnstrueauthController.useris updatednotAllowedErrorremains setcanAccessMainViewremainsfalseExpected Behavior:
When
Authenticatorreturnstrue, and a new user is authenticated, the internalnotAllowedErrorshould be cleared (e.g. set to false) so thatcanAccessMainViewbecomestrueand the main CMS interface is shown.