Skip to content

Replace exception-based auth failure with false return in Customer::authenticate()#5352

Draft
Copilot wants to merge 2 commits intomainfrom
copilot/replace-user-level-exceptions
Draft

Replace exception-based auth failure with false return in Customer::authenticate()#5352
Copilot wants to merge 2 commits intomainfrom
copilot/replace-user-level-exceptions

Conversation

Copy link
Copy Markdown
Contributor

Copilot AI commented Mar 25, 2026
edited
Loading

Exceptions were being thrown for normal user-facing conditions (wrong password, unconfirmed account) in Mage_Customer_Model_Customer::authenticate(), polluting exception logs with expected user errors rather than genuine system failures.

Changes

  • Customer::authenticate() — Remove throw EXCEPTION_INVALID_EMAIL_OR_PASSWORD on password mismatch; return false instead. Retain EXCEPTION_EMAIL_NOT_CONFIRMED since the controller requires it to render the resend-confirmation link.

  • AccountController::loginPostAction() — Handle false return from $session->login() directly, adding the error message to session. Remove the now-dead EXCEPTION_INVALID_EMAIL_OR_PASSWORD switch case.

  • Rss_Helper_Data::authFrontend() — Fix pre-existing bug: authenticate() return value (bool) was being assigned to $customer and getId() called on it (would fatal on success). Separate model instantiation from authenticate call; wrap in try-catch to route all auth failures through authFailed().

// Before: wrong password throws, pollutes exception logs
if (!$this->validatePassword($password)) {
    throw Mage::exception('Mage_Core', ..., self::EXCEPTION_INVALID_EMAIL_OR_PASSWORD);
}

// After: clean boolean return; no exception noise
if (!$this->validatePassword($password)) {
    return false;
}

End-user behaviour is unchanged: the same "Invalid login or password." message is displayed.

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

  • https://api.github.com/repos/CarbonPHP/carbon-doctrine-types/zipball/18ba5ddfec8976260ead6e866180bd5d2f71aa1d
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/CarbonPHP/carbon/zipball/9228ce90e1035ff2f0db84b40ec2e023ed802075
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/Cotya/magento-composer-installer/zipball/ece5cc5bb2a0150a743619901543036597f9eb5b
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/Flyingmana/composer-config-reader/zipball/47d398306f82b756d69628e13a366537f0f05973
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/GrahamCampbell/Result-Type/zipball/e01f4a821471308ba86aa202fed6698b6b695e3b
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/MyIntervals/PHP-CSS-Parser/zipball/1b363fdbdc6dd0ca0f4bf98d3a4d7f388133f1fb
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/MyIntervals/emogrifier/zipball/3548212a1b4232a4a6ad344992f551725b3de295
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/OpenMage/composer-plugin/zipball/5ea8f5d3dc2119f74699ace4d5ee5b50e3627a37
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/OpenMage/dev-translations/zipball/cac06c24c2bc32eb7c75eb414708070da9648b9a
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/PHP-CS-Fixer/PHP-CS-Fixer/zipball/7787ceff91365ba7d623ec410b8f429cdebb4f63
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/PHPCSStandards/PHP_CodeSniffer/zipball/0ca86845ce43291e8f5692c7356fccf3bcf02bf4
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/PHPCSStandards/composer-installer/zipball/845eb62303d2ca9b289ef216356568ccc075ffd1
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/PHPCompatibility/PHPCompatibility/zipball/9fb324479acf6f39452e0655d2429cc0d3914243
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/PhpUnitsOfMeasure/php-units-of-measure/zipball/cf1b83b1ef7615dd53f70864c9e7f496b1ec0fd1
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/Seldaek/jsonlint/zipball/1748aaf847fc731cfad7725aec413ee46f0cc3a2
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/Seldaek/monolog/zipball/b321dd6749f0bf7189444158a3ce785cc16d69b0
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/Seldaek/phar-utils/zipball/ea2f4014f163c1be4c601b9b7bd6af81ba8d701c
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/Seldaek/signal-handler/zipball/04a6112e883ad76c0ada8e4a9f7520bbfdb6bb98
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/Shardj/zf1-future/zipball/02d4a43d4e086ff28402e06a95499d4449980281
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/chartjs/Chart.js/zipball/9c5cf9fac7ec04a71b516e2aff3f7d76876be369
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/clue/reactphp-ndjson/zipball/392dc165fce93b5bb5c637b67e59619223c931b0
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/colinmollenhour/Cm_Cache_Backend_Redis/zipball/1910c45781bae0744d2f92454150e0e98634e815
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/colinmollenhour/Cm_RedisSession/zipball/d86fc3789f884cb4b04a9353022a9a8ce89efbbd
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/colinmollenhour/credis/zipball/f4930b426f6b1238b687a1ffe6ee5af7f835b40a
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/colinmollenhour/php-redis-session-abstract/zipball/defae6e34b0f6ce42e4be4f14f529d8932aea73a
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/components/jquery/zipball/8edc7785239bb8c2ad2b83302b856a1d61de60e7
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/composer/ca-bundle/zipball/961a5e4056dd2e4a2eedcac7576075947c28bf63
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/composer/class-map-generator/zipball/8f5fa3cc214230e71f54924bd0197a3bcc705eb1
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/composer/composer/zipball/937c775a644bd7d2c3dfbb352747488463a6e673
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/composer/metadata-minifier/zipball/c549d23829536f0d0e984aaabbf02af91f443207
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/composer/pcre/zipball/b2bed4734f0cc156ee1fe9c0da2550420d99a21e
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/composer/semver/zipball/198166618906cb2de69b95d7d47e5fa8aa1b2b95
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/composer/spdx-licenses/zipball/edf364cefe8c43501e21e88110aac10b284c3c9f
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/composer/xdebug-handler/zipball/6c1925561632e83d60a44492e0b344cf48ab85ef
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/cweagans/composer-configurable-plugin/zipball/15433906511a108a1806710e988629fd24b89974
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/cweagans/composer-patches/zipball/bfa6018a5f864653d9ed899b902ea72f858a2cf7
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/doctrine/inflector/zipball/6d6c96277ea252fc1304627204c3d5e6e15faa3b
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/doctrine/instantiator/zipball/c6222283fa3f4ac679f8b9ced9a4e23f163e80d0
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/eloquent/enumeration/zipball/0242859435d9b135939816858348556d3cde9e3c
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/empiricompany/openmage_ignition/zipball/4e89eedc5bcbde918d2b012ec03608cb2e8272e7
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/ezyang/htmlpurifier/zipball/b287d2a16aceffbf6e0295559b39662612b77fcf
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/flowjs/flow.js/zipball/3d4ba3a1b9906b31551f33ae649e6fd6b95cf711
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/igorw/evenement/zipball/0a16b0d71ab13284339abb99d9d2bd813640efbc
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/illuminate/collections/zipball/6ae9c74fa92d4e1824d1b346cd435e8eacdc3232
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/illuminate/conditionable/zipball/47c700320b7a419f0d188d111f3bbed978fcbd3f
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/illuminate/contracts/zipball/2393ef579e020d88e24283913c815c3e2c143323
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/illuminate/macroable/zipball/dff667a46ac37b634dcf68909d9d41e94dc97c27
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/illuminate/pipeline/zipball/c12e4f1d8a1fbecdc1e0fa4dc9fe17b4315832e9
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/illuminate/support/zipball/28b505e671dbe119e4e32a75c78f87189d046e39
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/jsonrainbow/json-schema/zipball/b5a44b6391a3bbb75c9f2b73e1ef03d6045e1e20
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/macopedia/phpstan-magento1/zipball/01418cc9a536ffbf298fdf7ea3b9fac1f87a0508
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/magento-ecg/coding-standard/zipball/1db1da45447682108c63ea94ce07119a002a6504
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/mklkj/tinymce-i18n/zipball/47145e4264a055ef327cf70b7bd0d5022e88c734
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/myclabs/DeepCopy/zipball/07d290f0c47959fd5eed98c95ee5602db07e0b6a
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/nikic/PHP-Parser/zipball/dca41cd15c2ac9d055ad70dbfd011130757d1f82
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/paragonie/constant_time_encoding/zipball/d5b01a39b3415c2cd581d3bd3a3575c1ebbd8e77
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/paragonie/random_compat/zipball/996434e5492cb4c3edcb9168db6fbb1359ef965a
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/pdepend/pdepend/zipball/f942b208dc2a0868454d01b29f0c75bbcfc6ed58
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/perftools/php-profiler/zipball/1105db3deded46d56879900d22c447808e39d0a9
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/phar-io/manifest/zipball/54750ef60c58e43759730615a392c31c80e23176
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/phar-io/version/zipball/4f7fd7836c6f332bb2933569e566a0d6c4cbed74
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/php-fig/clock/zipball/e41a24703d4560fd0acb709162f73b8adfc3aa0d
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/php-fig/container/zipball/c71ecc56dfe541dbd90c5360474fbc405f8d5963
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/php-fig/event-dispatcher/zipball/dbefd12671e8a14ec7f180cab83036ed26714bb0
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/php-fig/log/zipball/ef29f6d262798707a9edd554e2b82517ef3a9376
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/php-fig/simple-cache/zipball/764e0b3939f5ca87cb904f570ef9be2d78a07865
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/phpmd/phpmd/zipball/74a1f56e33afad4128b886e334093e98e1b5e7c0
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/phpseclib/mcrypt_compat/zipball/cd248c07cc7b09dc73d568199eff5e8ddc4aff0d
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/phpseclib/phpseclib/zipball/aa6ad8321ed103dc3624fb600a25b66ebf78ec7b
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/phpstan/extension-installer/zipball/85e90b3942d06b2326fba0403ec24fe912372936
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/phpstan/phpstan-phpunit/zipball/6ab598e1bc106e6827fd346ae4a12b4a5d634c32
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/phpstan/phpstan-strict-rules/zipball/1aba28b697c1e3b6bbec8a1725f8b11b6d3e5a5f
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/phpstan/phpstan/zipball/1279e1ce86ba768f0780c9d889852b4e02ff40d0
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/reactphp/cache/zipball/d47c472b64aa5608225f47965a484b75c7817d5b
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/reactphp/child-process/zipball/970f0e71945556422ee4570ccbabaedc3cf04ad3
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/reactphp/dns/zipball/7562c05391f42701c1fccf189c8225fece1cd7c3
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/reactphp/event-loop/zipball/ba276bda6083df7e0050fd9b33f66ad7a4ac747a
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/reactphp/promise/zipball/23444f53a813a3296c1368bb104793ce8d88f04a
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/reactphp/socket/zipball/ef5b17b81f6f60504c539313f94f2d826c5faa08
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/reactphp/stream/zipball/1e5b0acb8fe55143b5b426817155190eb6f5b18d
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/rectorphp/rector/zipball/917842143fd9f5331a2adefc214b8d7143bd32c4
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/schmittjoh/php-option/zipball/75365b91986c2405cf5e1e012c5595cd487a98be
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/sebastianbergmann/cli-parser/zipball/2b56bea83a09de3ac06bb18b92f068e60cc6f50b
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/sebastianbergmann/code-unit-reverse-lookup/zipball/ac91f01ccec49fb77bdc6fd1e548bc70f7faa3e5
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/sebastianbergmann/code-unit/zipball/1fc9f64c0927627ef78ba436c9b17d967e68e120
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/sebastianbergmann/comparator/zipball/e4df00b9b3571187db2831ae9aada2c6efbd715d
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/sebastianbergmann/complexity/zipball/25f207c40d62b8b7aa32f5ab026c53561964053a
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/sebastianbergmann/diff/zipball/ba01945089c3a293b01ba9badc29ad55b106b0bc
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/sebastianbergmann/environment/zipball/830c43a844f1f8d5b7a1f6d6076b784454d8b7ed
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/sebastianbergmann/exporter/zipball/14c6ba52f95a36c3d27c835d65efc7123c446e8c
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/sebastianbergmann/global-state/zipball/b6781316bdcd28260904e7cc18ec983d0d2ef4f6
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/sebastianbergmann/lines-of-code/zipball/e1e4a170560925c26d424b6a03aed157e7dcc5c5
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/sebastianbergmann/object-enumerator/zipball/5c9eeac41b290a3712d88851518825ad78f45c71
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/sebastianbergmann/object-reflector/zipball/b4f479ebdbf63ac605d183ece17d8d7fe49c15c7
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/sebastianbergmann/php-code-coverage/zipball/85402a822d1ecf1db1096959413d35e1c37cf1a5
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/sebastianbergmann/php-file-iterator/zipball/cf1c2e7c203ac650e352f4cc675a7021e7d1b3cf
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/sebastianbergmann/php-invoker/zipball/5a10147d0aaf65b58940a0b72f71c9ac0423cc67
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/sebastianbergmann/php-text-template/zipball/5da5f67fc95621df9ff4c4e5a84d6a8a2acf7c28
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/sebastianbergmann/php-timer/zipball/5a63ce20ed1b5bf577850e2c4e87f4aa902afbd2
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/sebastianbergmann/phpunit/zipball/b36f02317466907a230d3aa1d34467041271ef4a
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/sebastianbergmann/recursion-context/zipball/539c6691e0623af6dc6f9c20384c120f963465a0
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/sebastianbergmann/resource-operations/zipball/05d5692a7993ecccd56a03e40cd7e5b09b1d404e
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/sebastianbergmann/type/zipball/75e2c2a32f5e0b3aef905b9ed0b179b953b3d7c7
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/sebastianbergmann/version/zipball/c6c1022351a901512170118436c764e473f6de8c
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/spatie/backtrace/zipball/8c0f16a59ae35ec8c62d85c3c17585158f430110
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/spatie/error-solutions/zipball/e495d7178ca524f2dd0fe6a1d99a1e608e1c9936
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/spatie/flare-client-php/zipball/bf1716eb98bd689451b071548ae9e70738dce62f
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/spatie/ignition/zipball/31f314153020aee5af3537e507fef892ffbf8c85
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/symfony/config/zipball/d445badf0ad2c2a492e38c0378c39997a56ef97b
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/symfony/console/zipball/c4ba980ca61a9eb18ee6bcc73f28e475852bb1ed
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/symfony/css-selector/zipball/9b784413143701aa3c94ac1869a159a9e53e8761
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/symfony/dependency-injection/zipball/b17882e933c4c606620247b6708ab53aa3b88753
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/symfony/deprecation-contracts/zipball/63afe740e99a13ba87ec199bb07bbdee937a5b62
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/symfony/event-dispatcher-contracts/zipball/59eb412e93815df44f05f342958efa9f46b1e586
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/symfony/event-dispatcher/zipball/99d7e101826e6610606b9433248f80c1997cd20b
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/symfony/filesystem/zipball/441c6b69f7222aadae7cbf5df588496d5ee37789
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/symfony/finder/zipball/24965ca011dac87431729640feef8bcf7b5523e0
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/symfony/http-foundation/zipball/f1a490cc9d595ba7ebe684220e625d1e472ad278
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/symfony/mime/zipball/7409686879ca36c09fc970a5fa8ff6e93504dba4
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/symfony/options-resolver/zipball/eeaa8cabe54c7b3516938c72a4a161c0cc80a34f
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/symfony/polyfill-php82/zipball/5d2ed36f7734637dacc025f179698031951b1692
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/symfony/polyfill-php83/zipball/17f6f9a6b1735c0f163024d959f700cfbc5155e5
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/symfony/polyfill-php84/zipball/d8ced4d875142b6a7426000426b8abc631d6b191
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/symfony/polyfill-php85/zipball/d4e5fcd4ab3d998ab16c0db48e6cbb9a01993f91
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/symfony/process/zipball/c46e854e79b52d07666e43924a20cb6dc546644e
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/symfony/service-contracts/zipball/45112560a3ba2d715666a509a0bc9521d10b6c43
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/symfony/stopwatch/zipball/b67e94e06a05d9572c2fa354483b3e13e3cb1898
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/symfony/string/zipball/50590a057841fa6bf69d12eceffce3465b9e32cb
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/symfony/translation-contracts/zipball/65a8bc82080447fae78373aa10f8d13b38338977
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/symfony/translation/zipball/d6cc8e2fdd484f2f41d25938b0e8e3915de3cfbc
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/symfony/validator/zipball/da1a40418439c0483ca7e0d4ae4c4f744f6b8536
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/symfony/var-dumper/zipball/131fc9915e0343052af5ed5040401b481ca192aa
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/symfony/var-exporter/zipball/466fcac5fa2e871f83d31173f80e9c2684743bfc
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/symplify/vendor-patches/zipball/096aaab56bcea39e25468f538601fda00c1024bb
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/thecodingmachine/safe/zipball/705683a25bacf0d4860c7dea4d7947bfd09eea19
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/theofidry/cpu-core-counter/zipball/db9508f7b1474469d9d3c53b86f817e344732678
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/theseer/tokenizer/zipball/b7489ce515e168639d17feec34b8847c326b0b3c
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/tinymce/tinymce-dist/zipball/4b043a865f1978056f6649638b2e983c0624ff66
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/vlucas/phpdotenv/zipball/955e7815d677a3eaa7075231212f2110983adecc
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)
  • https://api.github.com/repos/voku/portable-ascii/zipball/b1d923f88091c6bf09699efcd7c8a1b1bfd7351d
    • Triggering command: /usr/bin/php8.3 /usr/bin/php8.3 -n -c /tmp/M0P2ht /usr/bin/composer install --no-interaction (http block)

If you need me to access, download, or install something from one of these locations, you can either:

Original prompt

This section details on the original issue you should resolve

<issue_title>[FEAT] Replace some user-level Exceptions (like login failed due to wrong password)</issue_title>
<issue_description>### Is there an existing issue for this?

  • I have searched the existing issues

Description

In app/code/core/Mage/Customer/Model/Customer.php and perhaps other files, OpenMage throws exceptions about expired password reset links, or logging in with invalid credentials. I submit that's not how exceptions are generally used in OpenMage, and that Exceptions are not the right tool here. Exceptions should trigger attention of developers at all times, while these are false alarms.

Before jumping into PRs, I'd like to hear your feedback.

Expected Behavior

I propose to replace those in app/code/core/Mage/Customer/Model/Customer.php and perhaps others with logged errors, while not changing anything for the end user. Naturally, security must not be degraded.

Benefits

Exceptions should alert developers to technical issues, not user issues.

Anything else?

No response</issue_description>

Comments on the Issue (you are @copilot in this section)

@sreichel Good catch. 👍

User issues should go to session messages. imho

💬 Send tasks to Copilot coding agent from Slack and Teams to turn conversations into code. Copilot posts an update in your thread when it's finished.

@addison74
Replace EXCEPTION_INVALID_EMAIL_OR_PASSWORD throw with false return i…
ff17e6a 
…n Customer::authenticate()

Co-authored-by: addison74 <8360474+addison74@users.noreply.github.com>
Agent-Logs-Url: https://github.com/OpenMage/magento-lts/sessions/3e06d92e-33d6-4c74-92b3-569c3b63081e
Copilot AI changed the title [WIP] Replace user-level exceptions with logged errors Replace exception-based auth failure with false return in Customer::authenticate() Mar 25, 2026
Copilot AI requested a review from addison74 March 25, 2026 05:45
@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud bot commented Mar 25, 2026

Quality Gate Passed Quality Gate passed

Issues
1 New issue
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@addison74 addison74 marked this pull request as ready for review March 25, 2026 15:35
Copilot AI review requested due to automatic review settings March 25, 2026 15:35
@github-actions github-actions bot added Component: Customer Relates to Mage_Customer Component: Rss Relates to Mage_Rss labels Mar 25, 2026
@addison74 addison74 marked this pull request as draft March 25, 2026 15:35
Copilot AI reviewed Mar 25, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR updates customer authentication flow to avoid throwing exceptions for expected “bad credentials” cases, reducing noise in exception logs while keeping end-user messaging consistent.

Changes:

  • Change Mage_Customer_Model_Customer::authenticate() to return false on password mismatch instead of throwing EXCEPTION_INVALID_EMAIL_OR_PASSWORD.
  • Update Mage_Customer_AccountController::loginPostAction() to handle a false return from $session->login() and remove the now-dead exception-code branch.
  • Rework Mage_Rss_Helper_Data::authFrontend() to correctly separate customer model instantiation from the authenticate() boolean result.

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 4 comments.

File Description
app/code/core/Mage/Customer/Model/Customer.php Changes authenticate() to return false for invalid credentials; updates docblock accordingly.
app/code/core/Mage/Customer/controllers/AccountController.php Handles failed login via boolean return; removes dead exception switch case.
app/code/core/Mage/Rss/Helper/Data.php Fixes misuse of authenticate() return value and adds exception handling for RSS auth flow.
Comments suppressed due to low confidence (1)

app/code/core/Mage/Customer/Model/Customer.php:265

  • The updated docblock says authenticate() only throws Mage_Core_Exception when the account is not confirmed, but it can also throw from loadByEmail() (e.g., when website-scope sharing is enabled and website_id wasn’t set). Update the @throws description to reflect the other possible Mage_Core_Exception sources, or keep it generic.
     * @return bool
     * @throws Mage_Core_Exception when the account is not confirmed
     */
    public function authenticate($login, $password)
    {
        $this->loadByEmail($login);

app/code/core/Mage/Customer/Model/Customer.php
Comment on lines 263 to 276
@@ -273,11 +272,7 @@ public function authenticate($login, $password)
}

if (!$this->validatePassword($password)) {
throw Mage::exception(
'Mage_Core',
Mage::helper('customer')->__('Invalid login or password.'),
self::EXCEPTION_INVALID_EMAIL_OR_PASSWORD,
);
return false;
}
Copy link

Copilot AI Mar 25, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Mage_Customer_Model_Customer::authenticate() now returns false on bad credentials and throws only for unconfirmed accounts; this is a behavior change with security impact and should be covered by unit tests (e.g., returns false when validatePassword() is false, and throws with code EXCEPTION_EMAIL_NOT_CONFIRMED when confirmation is required). There are already unit tests for this model; please extend them to cover authenticate() so regressions are caught.

Copilot generated this review using guidance from repository custom instructions.
app/code/core/Mage/Rss/Helper/Data.php
$customer = Mage::getModel('customer/customer');
try {
if ($customer->authenticate($username, $password) && $customer->getId()) {
$this->_rssSession->settCustomer($customer);
Copy link

Copilot AI Mar 25, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

$this->_rssSession->settCustomer($customer) looks like a typo and will trigger a fatal error when authentication succeeds, since the RSS session object supports the standard setCustomer() magic setter (and settCustomer is not defined anywhere). Rename this call to setCustomer so the successful-auth path works.

Suggested change
$this->_rssSession->settCustomer($customer);
$this->_rssSession->setCustomer($customer);

Copilot uses AI. Check for mistakes.
app/code/core/Mage/Rss/Helper/Data.php
$this->_rssSession->settCustomer($customer);
} else {
/** @var Mage_Customer_Model_Customer $customer */
$customer = Mage::getModel('customer/customer');
Copy link

Copilot AI Mar 25, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The customer model is instantiated without setting website_id before calling loadByEmail() via authenticate(). In website-scope sharing mode, Mage_Customer_Model_Resource_Customer::loadByEmail() throws if website_id is not set, so RSS auth will always fail (and currently gets converted into a 401). Set the website ID (e.g., from the current store’s website) on the customer model before calling authenticate().

Suggested change
$customer = Mage::getModel('customer/customer');
$customer = Mage::getModel('customer/customer');
$customer->setWebsiteId(Mage::app()->getStore()->getWebsiteId());

Copilot uses AI. Check for mistakes.
app/code/core/Mage/Rss/Helper/Data.php
} else {
$this->authFailed();
}
} catch (Exception) {
Copy link

Copilot AI Mar 25, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Catching all Exception here converts unexpected runtime failures (DB errors, misconfiguration, etc.) into an auth failure (401) and hides the underlying error. Consider narrowing this to Mage_Core_Exception (expected auth/validation failures) and letting other exceptions bubble up (or at least logging them) so operational issues don’t get masked as bad credentials.

Suggested change
} catch (Exception) {
} catch (Mage_Core_Exception $e) {

Copilot uses AI. Check for mistakes.
@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Mar 25, 2026
edited
Loading

Test Results

972 tests  ±0   964 ✅ ±0   17s ⏱️ -1s
214 suites ±0     8 💤 ±0 
  1 files   ±0     0 ❌ ±0 

Results for commit ff17e6a. ± Comparison against base commit 69742c4.

♻️ This comment has been updated with latest results.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@addison74 addison74 Awaiting requested review from addison74

At least 2 approving reviews are required to merge this pull request.

Assignees

@addison74 addison74

Copilot code review Copilot

Labels

Component: Customer Relates to Mage_Customer Component: Rss Relates to Mage_Rss

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[FEAT] Replace some user-level Exceptions (like login failed due to wrong password)

3 participants

@addison74