Login user page stays in loop when it's disabled by the admin

[S-Panta]

Describe the bug

When a user is disabled by the admin and if the user isn't logged out, the browser stays in the loop when trying to access it next time, and no login is possible.

Steps to reproduce

1. Login with any test user
2. Open incognito and login with admin and disable that user
3. The user get logs out.

Expected behavior

It should be possible to log in to the URL again on that session

Actual behavior

The login page is stuck and it stays in the loop with the message Authentication failed. The browser console reads as getUser: user not found in storage.

[micbar]

@kulmann @rhafer

[rhafer]

@S-Panta I am not able to reproduce this. For me the disabled user is logged out successfully and after that I can login any other (not-disabled) user just fine using the same browser session.

Forget that I think I have a reproducer ...

[rhafer]

When the page is reloaded after a user got disabled, but before the access token is expired, the UI gets into a state where nobody can login anymore using that browser tab.

@kulmann I am transferring this to web as I am pretty sure this is a web issue.

[JammingBen]

I suppose this is the same issue as #4677. The supposed fix #10165 has other drawbacks the last time I tested, so it needs a re-visit.

[S-Panta]

It looks similar though this is for disabled user.

[JammingBen]

It looks similar though this is for disabled user.

Yes. I think I didn't make myself clear enough 😄 What I meant was that the underlying technical issue with the IDP lib is (probably) the same, meaning fixing it will resolve both issues.

[S-Panta]

Closing this issue in favor of #4677