Project

General

Profile

Actions
Copy link

Feature #37115

closed

Update last_login_on when sending requests with API Key

Added by Andreas Skorczyk about 4 years ago. Updated 1 day ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Category:
Accounts / authentication
Target version:
-
Resolution:
Fixed

Description

Currently, users that access Redmine through the API with a given API key won't surface, as their last_login_on field doesn't get updated. This is a bit problematic in our case, as we can't easily distinguish between an inactive user and one that solely uses the API. The attached patch would change this behavior by calling user.update_last_login_on when finding the user via the API key.
Do you think it makes sense to apply this change or are there reasons against it?

Files

update_last_login_on_on_api_key.patch (409 Bytes) update_last_login_on_on_api_key.patch Andreas Skorczyk, 2022-05-13 11:14

Related issues

Related to Redmine - Defect #20648: Users' "Last connection" is not updated correctly.ClosedActions
Related to Redmine - Feature #43938: Track last usage of API and Atom access keysClosedMarius BĂLTEANUActions
Actions
Copy link
 #1

Updated by Marius BĂLTEANU almost 4 years ago

  • Target version set to Candidate for next minor release
Actions
Copy link
 #2

Updated by Marius BĂLTEANU almost 4 years ago

  • Target version changed from Candidate for next minor release to Candidate for next major release

Andreas Skorczyk wrote:

Do you think it makes sense to apply this change or are there reasons against it?

It makes sense to me to update the last_login_on. Any other opinions?

Actions
Copy link
 #3

Updated by Go MAEDA almost 4 years ago

I think that if last_login_on is updated by requests via API, then it should also be updated by requests via a web browser.

Current:
  • `GET /issues` via browser don't update last_login_on
  • `GET /issues.json` via API don't update last_login_on
After applying the patch:
  • `GET /issues` via browser don't update last_login_on
  • `GET /issues.json` API updates last_login_on
Should be:
  • `GET /issues` via browser updates last_login_on
  • `GET /issues.json` API updates last_login_on
Actions
Copy link
 #4

Updated by Go MAEDA almost 4 years ago

  • Related to Defect #20648: Users' "Last connection" is not updated correctly. added
Actions
Copy link
 #5

Updated by tu tu almost 3 years ago

I met the same issue,My redmine version is 5.0.0.
However,I download the latest redmine code,it doesn't include this patch.So,does this issue fix in the latest redmine?

Actions
Copy link
 #6

Updated by Go MAEDA 1 day ago

  • Category set to Accounts / authentication
  • Status changed from New to Closed
  • Resolution set to Fixed

In Redmine 7.0.0, the API Access key section in the sidebar of the My account page will show when each API access key was last used. Therefore, I am closing this issue.

Please note that, even in Redmine 7.0.0, the "Last sign in" field is updated only when a user signs in through the web interface. API access does not update this field.

For details, please see #43938.

Actions
Copy link
 #7

Updated by Go MAEDA 1 day ago

  • Related to Feature #43938: Track last usage of API and Atom access keys added
Actions
Copy link
 #8

Updated by Go MAEDA 1 day ago

  • Target version deleted (Candidate for next major release)
Actions
Copy link

Also available in: Atom PDF