More issues related to the customer data loaded by js

[pitbulk]

Description

In ticket #28428 I reported a bug that affected customer data not retrieved after executing a custom login controller, that was fixed by: #29081

One of my customers reported 2 more different bugs that I consider are related with the customer data loaded by javascript as well

• If in the Magento instance exists customers with similar fullname (same lastname for example), the message that appears on the welcome message mismatch the fullname (wrong is loaded). It was verified that the data of the logged user that appears on the profile view is different than the one loaded on the customer data object loaded by js for printing the welcome message

• After login, if the user proceeds to checkout, the login popup appear even if the user was previously logged.
  Similar than the issue described here: https://github.com/mageplaza/magento-2-social-login/issues/197

On 2.4.1 and 2.4.2 a new issue appeared as well:

• After login, I can access user account and verify Im logged in, after that I add a new item to the cart, ans when visiting the cart, the login auth popup appears. It seems that something is wrong with the user session on the frontend.

Preconditions

• Magento 2.3.4, 2.3.5, 2.4, 2.4.1
• Custom Login controller

My login controller is similar than the PostLogin code

$customerSession->setCustomerDataAsLoggedIn($customer);
if ($this->getCookieManager()->getCookie('mage-cache-sessid')) {
    $metadata = $this->getCookieMetadataFactory()->createCookieMetadata();
    $metadata->setPath('/');
    $this->getCookieManager()->deleteCookie('mage-cache-sessid', $metadata);
}

$resultRedirect = $this->resultRedirectFactory->create();
return $resultRedirect->setUrl($targetURL);

The extension also forces sections to be invalidated after my custom login, by adding a etc/frontend/sections.xml as documented on page-caching

<?xml version="1.0"?>
<config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"        xsi:noNamespaceSchemaLocation="urn:magento:module:Magento_Customer:etc/sections.xsd">
    <action name="sso/saml2/acs">
        <section name="*"/>
    </action>
</config>

Steps to reproduce

I implemented this simple custom login controller that will allow reproducing the issue:
https://github.com/pitbulk/magento-custom-login

If in a private browser I log in with a user that has the same lastname as others, I experience the issues described.

The issue exists on Magento 2.3.4, 2.3.4-p2, 2.3.5-p1 and 2.4.1

Expected result

• customer data properly loaded even if existing customer accounts with the same lastname
• If the user is logged in, clicking on the checkout link will never open a popup for authentication

Actual result

After enabling a private browser, and log in

• wrong welcome message is loaded, data from other customer prompted
• If the user is logged in, click on the checkout link, a popup for authentication appears
  Similar to the situation described here: https://github.com/mageplaza/magento-2-social-login/issues/197

[m2-assistant]

Hi @pitbulk. Thank you for your report.
To help us process this issue please make sure that you provided the following information:

• Summary of the issue
• Information on your environment
• Steps to reproduce
• Expected and actual results

Please make sure that the issue is reproducible on the vanilla Magento instance following Steps to reproduce. To deploy vanilla Magento instance on our environment, please, add a comment to the issue:

@magento give me 2.4-develop instance - upcoming 2.4.x release

For more details, please, review the Magento Contributor Assistant documentation.

Please, add a comment to assign the issue: @magento I am working on this

---

• Join Magento Community Engineering Slack and ask your questions in #github channel.

⚠️ According to the Magento Contribution requirements, all issues must go through the Community Contributions Triage process. Community Contributions Triage is a public meeting.

🕙 You can find the schedule on the Magento Community Calendar page.

📞 The triage of issues happens in the queue order. If you want to speed up the delivery of your contribution, please join the Community Contributions Triage session to discuss the appropriate ticket.

🎥 You can find the recording of the previous Community Contributions Triage on the Magento Youtube Channel

✏️ Feel free to post questions/proposals/feedback related to the Community Contributions Triage process to the corresponding Slack Channel

[david-kominek]

Also seeing the second issue in 2.3.5-p2.

After login, if the user proceeds to checkout, the login popup appear even if the user was previously logged.

[pitbulk]

any progress with this issue? I believe it impacts any extension implementing a custom login controller.

[pitbulk]

I have several customers of my extension reporting this issue, any ETA for the resolution that I can share with them?

@complexthings you made a fantastic job fixing the other related issue, can you by any chance work on this?

[wilzon008]

I am one of the customers affected by this issue. There are still a lot of people running Magento 2.3.x. Thank in advance to anyone who can help implement this fix.

[cundd]

We are also not able to update our customer's system to a secure version, because this issue makes it impossible. :(

[pitbulk]

Is there anything we can do in order to get the bugs fixed?

[james05]

Also experiencing on 2.4.1. I cannot go live without this fixed.

[pitbulk]

@complexthings are you able to help here?