Cameron Grant

So, how would one not run code ( where I’m doing some redirects ) on Init functions if the code is being trigged by preview mode? Lol

Cameron Grant

Yeah Maybe, I am in edit mode tho. I’ll poke around some more, cheers

Cameron Grant

Really? Then something weird is going on. My Init functions are defiantly being used when clicking on the page icon in the CMS.

Cameron Grant

Hey Guys, on a Page Controller ->Init(), best way to check is you are in the CMS or on the front end?

Cameron Grant

Cheers, yeah that sounds good, I’ll override the SessionAuthentication handler and do the token thing. Probably won’t mess with the session lifetime because our customers do not like logging in all the time ( when they are on there primary device)

Cameron Grant

Hey, glad you asked. As I’m not exactly sure if removing it will have any sufficient consequences. It’s because its a business requirement to log people out of other devices when they log in. In the docs it says you can do this with RememberLoginHash::$force_single_token. Here https://docs.silverstripe.org/en/4/developer_guides/security/member/ . But this does not work because that setting is on the CookieAuthenticationHandler, but the authenticateRequest is never called when logging in because on the RequestAuthenticationHandler->handleRequest, it loops though the handlers, gets to the SessionHanlder->handleRequest first. There it finds the member, breaks out of the loop and continues on with the request.