Custom Registration Issue

[jayashanka]

I'm trying to register a customer from backend and after successful registration login the customer automatically and redirect to my-account page. 

registration works well, but when I try to login the customer automatically and redirect to my-account, it redirects back to login page and ask to login.

below is my code

$customer = new Customer();
                        $authentication = $customer->getByEmail($email);
                        if (Validate::isLoadedObject($authentication)) {
     
                            $this->context->cookie->id_customer = $authentication->id;
                            $this->context->cookie->customer_lastname = $authentication->lastname;
                            $this->context->cookie->customer_firstname = $authentication->firstname;
                            $this->context->cookie->logged = 1;
                            $this->context->cookie->check_cgv = 1;  
                            $this->context->cookie->is_guest = $this->context->customer->isGuest();
                            $this->context->cookie->passwd = $this->context->customer->passwd;
                            $this->context->cookie->email = $this->context->customer->email;
                 
                            Tools::redirect('index.php?controller=my-account');
                        }

 

Is there anything wrong with my code?

 

 

 

[AddWeb Solution]

Hi,

Before redirecting to the "my-account" page, you should make sure that the customer is successfully logged in. You can do this by verifying the "logged" status in the cookie.

if ($this->context->cookie->logged == 1) {
  Tools::redirect('index.php?controller=my-account');
}

Make sure that the "my-account" controller and template are correctly configured in your PrestaShop installation. It's possible that there may be an issue with the controller or template that's causing the redirection to the login page.

Thanks!
 

[AddWeb Solution]

Also, Validate::isLoadedObject($authentication) simply checks if an object is loaded, but it doesn't verify the customer's password. Using this condition alone would allow any email address to log in without verifying the password.

Instead use something like below :

$customer = new Customer();
$authentication = $customer->getByEmail($email);

if ($authentication && $customer->checkPassword($password)) {
    // Authentication successful
    // Set cookies and redirect to the "my-account" page
} else {
    // Authentication failed, handle the error (e.g., show an error message)
}

Let me know if it helps!

Thanks!

[jayashanka]

On 8/21/2023 at 11:33 AM, AddWeb Solution said:

Also, Validate::isLoadedObject($authentication) simply checks if an object is loaded, but it doesn't verify the customer's password. Using this condition alone would allow any email address to log in without verifying the password.

Instead use something like below :

$customer = new Customer();
$authentication = $customer->getByEmail($email);

if ($authentication && $customer->checkPassword($password)) {
    // Authentication successful
    // Set cookies and redirect to the "my-account" page
} else {
    // Authentication failed, handle the error (e.g., show an error message)
}

Let me know if it helps!

Thanks!

Hi @AddWeb Solution thanks for sharing this code. its really helpful. And also I have done additional part that is execuiting Authentication hook.

with both combination, functionality works well. 

[AddWeb Solution]

That's great to hear!
Kindly add cup to my post as it is helpful.

Thanks again!