Skip to content

Invalidate sessions created by inactive plugins#23966

Closed
nathangavin wants to merge 17 commits into5.x-devfrom
dev-19675
Closed

Invalidate sessions created by inactive plugins#23966
nathangavin wants to merge 17 commits into5.x-devfrom
dev-19675

Conversation

@nathangavin
Copy link
Copy Markdown
Contributor

@nathangavin nathangavin commented Jan 14, 2026
edited
Loading

Description

Please include a description of this change and which issue it fixes. If no issue exists yet please include context and what problem it solves.

Checklist

  • [NA] I have understood, reviewed, and tested all AI outputs before use
  • [NA] All AI instructions respect security, IP, and privacy rules

Review

@nathangavin nathangavin marked this pull request as ready for review January 15, 2026 03:56
@nathangavin nathangavin requested a review from a team January 15, 2026 03:56
@nathangavin nathangavin added Needs Review c: Security For issues that make Matomo more secure. Please report issues through HackerOne and not in Github. labels Jan 15, 2026
@nathangavin nathangavin marked this pull request as draft January 15, 2026 23:52
@nathangavin nathangavin added this to the 5.7.0 milestone Jan 19, 2026
@nathangavin nathangavin marked this pull request as ready for review January 19, 2026 04:22
sgiehl
sgiehl requested changes Jan 20, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@sgiehl sgiehl left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Left some comments for code improvements.

Besides that we should also ask @matomo-org/plugin-reviewers for a review / test, to ensure it solves the issue we are trying to solve with it.

@nathangavin nathangavin requested a review from sgiehl January 21, 2026 06:12
sgiehl
sgiehl reviewed Jan 21, 2026
View reviewed changes
sgiehl
sgiehl reviewed Jan 21, 2026
View reviewed changes
sgiehl
sgiehl reviewed Jan 21, 2026
View reviewed changes
sgiehl
sgiehl reviewed Jan 21, 2026
View reviewed changes
@nathangavin nathangavin requested a review from sgiehl January 21, 2026 20:56
AltamashShaikh
AltamashShaikh reviewed Jan 22, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@AltamashShaikh AltamashShaikh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I tested this PR against LoginLdap and LoginSaml plugin, and on plugin deactivation, the user was asked to sign-in again.

@sgiehl sgiehl modified the milestones: 5.7.0, 5.8.0 Jan 22, 2026
@nathangavin
Copy link
Copy Markdown
Contributor Author

nathangavin commented Jan 29, 2026

Closed due to alternate solution being implemented.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@AltamashShaikh AltamashShaikh AltamashShaikh left review comments

@sgiehl sgiehl Awaiting requested review from sgiehl

Assignees

No one assigned

Labels

c: Security For issues that make Matomo more secure. Please report issues through HackerOne and not in Github.

Milestone

5.8.0

Development

Successfully merging this pull request may close these issues.

3 participants

@nathangavin @sgiehl @AltamashShaikh