Page MenuHomePhabricator
Create Task
Maniphest T411822

Bogus "Your central login session has expired." message when trying to switch accounts
Closed, ResolvedPublicBUG REPORT
Actions

Description

Visit the login page while already logged in, and you'll see

You are already logged in as Foo.

and then below it

Your central login session has expired. Please log in again to continue.

but the session is obviously fine, as the first message shows.

Details

Related Changes in Gerrit:
SubjectRepoBranchLines +/-
SUL3: Show expiry message only if user isn't logged-in centrallymediawiki/extensions/CentralAuthmaster+4 -1
Customize query in gerrit

Related Objects

Event Timeline

Tgr created this task.Dec 4 2025, 10:05 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptDec 4 2025, 10:05 PM
gerritbot added a comment.Dec 5 2025, 9:35 AM

Change #1215531 had a related patch set uploaded (by D3r1ck01; author: Derick Alangi):

[mediawiki/extensions/CentralAuth@master] Do not show central session expiry if it hasn't expired

https://gerrit.wikimedia.org/r/1215531

gerritbot added a project: Patch-For-Review.Dec 5 2025, 9:35 AM
DAlangi_WMF subscribed.Dec 5 2025, 9:39 AM

Oops, I missed this during code review and local testing of 56126683a56. Fixed now:

beforeafter
Screenshot 2025-12-05 at 12.36.47 PM.png (1×3 px, 337 KB)
Screenshot 2025-12-05 at 12.37.31 PM.png (1×3 px, 318 KB)
DAlangi_WMF changed the task status from Open to In Progress.Dec 5 2025, 9:39 AM
DAlangi_WMF claimed this task.
DAlangi_WMF moved this task from Inbox, needs triage to Q3 Kanban Board on the MediaWiki-Platform-Team board.
DAlangi_WMF edited projects, added MediaWiki-Platform-Team (Q3 Kanban Board); removed MediaWiki-Platform-Team.
DAlangi_WMF moved this task from Essential Work to In Progress on the MediaWiki-Platform-Team (Q3 Kanban Board) board.
DAlangi_WMF added a comment.Dec 5 2025, 11:18 AM

I observed that during testing locally, when the user is logged in locally and logged out centrally, visiting Special:CreateAccount or Special:UserLogin from the local wiki redirects to Special:UserLogin regardless.

This makes sense because it detects that the user has a local session active, but must first log in centrally to perform any other actions. After the user logs in centrally, they are redirected to the page for the previous action they attempted (login or sign up) on the central domain with the correct messages at the top of the form.

Screenshot 2025-12-05 at 2.12.07 PM.png (1×3 px, 249 KB)

I think the flow above is correct.

gerritbot added a comment.Dec 6 2025, 8:56 PM

Change #1215531 merged by jenkins-bot:

[mediawiki/extensions/CentralAuth@master] SUL3: Show expiry message only if user isn't logged-in centrally

https://gerrit.wikimedia.org/r/1215531

matmarex closed this task as Resolved.Dec 6 2025, 9:04 PM
matmarex subscribed.

Thanks for fixing this, my bad!

Maintenance_bot removed a project: Patch-For-Review.Dec 6 2025, 9:30 PM
A_smart_kitten added a project: MediaWiki-extensions-CentralAuth.Dec 6 2025, 9:44 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits