ACP2E-1972: reset visitor data before login, in case a previous post request generated a new visitor session

alzota · alzota · commit b40bd3c0c8ca · 2023-06-23T16:04:05.000+03:00
diff --git a/app/code/Magento/Customer/Controller/Account/LoginPost.php b/app/code/Magento/Customer/Controller/Account/LoginPost.php
@@ -13,17 +13,18 @@
 use Magento\Customer\Api\AccountManagementInterface;
 use Magento\Customer\Model\Url as CustomerUrl;
 use Magento\Framework\App\CsrfAwareActionInterface;
+use Magento\Framework\App\ObjectManager;
 use Magento\Framework\App\Request\InvalidRequestException;
 use Magento\Framework\App\RequestInterface;
 use Magento\Framework\Controller\Result\Redirect;
 use Magento\Framework\Exception\EmailNotConfirmedException;
 use Magento\Framework\Exception\AuthenticationException;
 use Magento\Framework\Data\Form\FormKey\Validator;
 use Magento\Framework\Exception\LocalizedException;
-use Magento\Framework\Exception\State\UserLockedException;
 use Magento\Framework\App\Config\ScopeConfigInterface;
 use Magento\Customer\Controller\AbstractAccount;
 use Magento\Framework\Phrase;
+use Magento\Framework\Session\Generic;
 
 /**
  * Post login customer action.
@@ -72,27 +73,35 @@ class LoginPost extends AbstractAccount implements CsrfAwareActionInterface, Htt
      */
     private $customerUrl;
 
+    /**
+     * @var Generic
+     */
+    private $generic;
+
     /**
      * @param Context $context
      * @param Session $customerSession
      * @param AccountManagementInterface $customerAccountManagement
      * @param CustomerUrl $customerHelperData
      * @param Validator $formKeyValidator
      * @param AccountRedirect $accountRedirect
+     * @param Generic $generic
      */
     public function __construct(
         Context $context,
         Session $customerSession,
         AccountManagementInterface $customerAccountManagement,
         CustomerUrl $customerHelperData,
         Validator $formKeyValidator,
-        AccountRedirect $accountRedirect
+        AccountRedirect $accountRedirect,
+        Generic $generic = null
     ) {
         $this->session = $customerSession;
         $this->customerAccountManagement = $customerAccountManagement;
         $this->customerUrl = $customerHelperData;
         $this->formKeyValidator = $formKeyValidator;
         $this->accountRedirect = $accountRedirect;
+        $this->generic = $generic ?? ObjectManager::getInstance()->get(Generic::class);
         parent::__construct($context);
     }
 
@@ -188,6 +197,7 @@ public function execute()
             $login = $this->getRequest()->getPost('login');
             if (!empty($login['username']) && !empty($login['password'])) {
                 try {
+                    $this->generic->setVisitorData([]);
                     $customer = $this->customerAccountManagement->authenticate($login['username'], $login['password']);
                     $this->session->setCustomerDataAsLoggedIn($customer);
                     if ($this->getCookieManager()->getCookie('mage-cache-sessid')) {
diff --git a/app/code/Magento/Customer/Model/ResourceModel/Visitor.php b/app/code/Magento/Customer/Model/ResourceModel/Visitor.php
@@ -122,62 +122,6 @@ public function fetchCreatedAt(int $visitorId): ?int
         return strtotime($lookup['created_at']);
     }
 
-    /**
-     * Gets created at value for the visitor id by customer id
-     *
-     * @param int $customerId
-     * @return int|null
-     */
-    public function fetchCreatedAtByCustomer(int $customerId): ?int
-    {
-        $connection = $this->getConnection();
-        $select = $connection->select()->from(
-            ['visitor_table' => $this->getTable('customer_visitor')],
-            ['created_at' => 'visitor_table.created_at']
-        )->where(
-            'visitor_table.customer_id = ?',
-            $customerId,
-            \Zend_Db::INT_TYPE
-        )->order(
-            'visitor_table.visitor_id DESC'
-        )->limit(
-            1
-        );
-        $lookup = $connection->fetchRow($select);
-        if (empty($lookup) || $lookup['created_at'] == null) {
-            return null;
-        }
-        return strtotime($lookup['created_at']);
-    }
-
-    /**
-     * Gets created at value for the visitor id by customer id
-     *
-     * @param int $customerId
-     * @return int|null
-     */
-    public function fetchLastVisitAtByCustomer(int $customerId): ?int
-    {
-        $connection = $this->getConnection();
-        $select = $connection->select()->from(
-            ['visitor_table' => $this->getTable('customer_visitor')],
-            ['last_visit_at' => 'visitor_table.last_visit_at']
-        )->where(
-            'visitor_table.customer_id = ?',
-            $customerId,
-            \Zend_Db::INT_TYPE
-        )->order(
-            'visitor_table.visitor_id DESC'
-        )->limit(
-            1
-        );
-        $lookup = $connection->fetchRow($select);
-        if (empty($lookup) || $lookup['last_visit_at'] == null) {
-            return null;
-        }
-        return strtotime($lookup['last_visit_at']);
-    }
-
     /**
      * Update visitor session created at column value
      *
@@ -193,20 +137,4 @@ public function updateCreatedAt(int $visitorId, int $timestamp): void
             $this->getConnection()->quoteInto('visitor_id = ?', $visitorId)
         );
     }
-
-    /**
-     * Update visitor session visitor id column value
-     *
-     * @param int $visitorId
-     * @param int $customerId
-     * @return void
-     */
-    public function updateCustomerId(int $visitorId, int $customerId): void
-    {
-        $this->getConnection()->update(
-            $this->getTable('customer_visitor'),
-            ['customer_id' => $customerId],
-            $this->getConnection()->quoteInto('visitor_id = ?', $visitorId)
-        );
-    }
 }
diff --git a/app/code/Magento/Customer/Model/Session/SessionCleaner.php b/app/code/Magento/Customer/Model/Session/SessionCleaner.php
@@ -98,9 +98,7 @@ public function clearFor(int $customerId): void
         $timestamp = $dateTime->getTimestamp();
         $this->customerResourceModel->updateSessionCutOff($customerId, $timestamp);
         if ($this->sessionManager->getVisitorData() !== null) {
-
             $visitorId = $this->sessionManager->getVisitorData()['visitor_id'];
-            $this->visitorResourceModel->updateCustomerId((int) $visitorId, $customerId);
             $this->visitorResourceModel->updateCreatedAt((int) $visitorId, $timestamp + 1);
         }
     }
diff --git a/app/code/Magento/Customer/Model/Session/Validators/CutoffValidator.php b/app/code/Magento/Customer/Model/Session/Validators/CutoffValidator.php
@@ -68,11 +68,6 @@ public function validate(SessionManagerInterface $session): void
             ) {
                 $cutoff = $this->customerResource->findSessionCutOff((int) $visitor['customer_id']);
                 $sessionCreationTime = $this->visitorResource->fetchCreatedAt((int) $visitor['visitor_id']);
-                $secondSessionCreationTime = $this->visitorResource->fetchCreatedAtByCustomer((int) $visitor['customer_id']);
-
-                if ($secondSessionCreationTime > $sessionCreationTime) {
-                    $sessionCreationTime = $secondSessionCreationTime;
-                }
                 if (isset($cutoff, $sessionCreationTime) && $cutoff > $sessionCreationTime) {
                     throw new SessionException(
                         new Phrase('The session has expired, please login again.')

Original file line number	Diff line number	Diff line change
`@@ -98,9 +98,7 @@ public function clearFor(int $customerId): void`
`98`	`98`	`$timestamp = $dateTime->getTimestamp();`
`99`	`99`	`$this->customerResourceModel->updateSessionCutOff($customerId, $timestamp);`
`100`	`100`	`if ($this->sessionManager->getVisitorData() !== null) {`
`101`		`-`
`102`	`101`	`$visitorId = $this->sessionManager->getVisitorData()['visitor_id'];`
`103`		`- $this->visitorResourceModel->updateCustomerId((int) $visitorId, $customerId);`
`104`	`102`	`$this->visitorResourceModel->updateCreatedAt((int) $visitorId, $timestamp + 1);`
`105`	`103`	`}`
`106`	`104`	`}`