apache · ocket8888 · Jan 11, 2022 · Jan 8, 2022 · Jan 8, 2022 · Jan 8, 2022
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -35,6 +35,7 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/).
 - [#6175](https://github.com/apache/trafficcontrol/issues/6175) - POST request to /api/4.0/phys_locations accepts mismatch values for regionName.
 - Fixed Traffic Monitor parsing stats_over_http output so that multiple stats for the same underlying delivery service (when the delivery service has more than 1 regex) are properly summed together. This makes the resulting data more accurate in addition to fixing the "new stat is lower than last stat" warnings.
 - Traffic Ops: Sanitize username before executing LDAP query
+- [#6457](https://github.com/apache/trafficcontrol/issues/6457) - Fix broken user registration and password reset, due to the last_authenticated value being null.
 - [#6367](https://github.com/apache/trafficcontrol/issues/6367) - Fix PUT `user/current` to work with v4 User Roles and Permissions
 - [#6266](https://github.com/apache/trafficcontrol/issues/6266) - Removed postgresql13-devel requirement for traffic_ops
 - [#6446](https://github.com/apache/trafficcontrol/issues/6446) - Revert Traffic Router rollover file pattern to the one previously used in `log4j.properties` with Log4j 1.2

diff --git a/traffic_ops/app/db/migrations/2022010715281600_remove_null_last_authenticated.down.sql b/traffic_ops/app/db/migrations/2022010715281600_remove_null_last_authenticated.down.sql
@@ -0,0 +1,16 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with this
+ * work for additional information regarding copyright ownership.  The ASF
+ * licenses this file to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.  See the
+ * License for the specific language governing permissions and limitations under
+ * the License.
+ */
diff --git a/traffic_ops/app/db/migrations/2022010715281600_remove_null_last_authenticated.up.sql b/traffic_ops/app/db/migrations/2022010715281600_remove_null_last_authenticated.up.sql
@@ -0,0 +1,20 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with this
+ * work for additional information regarding copyright ownership.  The ASF
+ * licenses this file to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.  See the
+ * License for the specific language governing permissions and limitations under
+ * the License.
+ */
+
+UPDATE public.tm_user
+SET last_authenticated = now()
+WHERE last_authenticated IS NULL;
diff --git a/traffic_ops/traffic_ops_golang/login/login.go b/traffic_ops/traffic_ops_golang/login/login.go
@@ -232,6 +232,13 @@ func TokenLoginHandler(db *sqlx.DB, cfg config.Config) http.HandlerFunc {
 			return
 		}
 
+		_, dbErr := db.Exec(UpdateLoginTimeQuery, username)
+		if dbErr != nil {
+			dbErr = fmt.Errorf("unable to update authentication time for user '%s': %w", username, dbErr)
+			api.HandleErr(w, r, nil, http.StatusInternalServerError, nil, dbErr)
+			return
+		}
+
 		w.Header().Set(rfc.ContentType, rfc.ApplicationJSON)
 		api.WriteAndLogErr(w, r, append(respBts, '\n'))
 
@@ -372,6 +379,12 @@ func OauthLoginHandler(db *sqlx.DB, cfg config.Config) http.HandlerFunc {
 		}
 
 		if userAllowed && authenticated {
+			_, dbErr := db.Exec(UpdateLoginTimeQuery, form.Username)
+			if dbErr != nil {
+				dbErr = fmt.Errorf("unable to update authentication time for user '%s': %w", form.Username, dbErr)
+				api.HandleErr(w, r, nil, http.StatusInternalServerError, nil, dbErr)
+				return
+			}
 			httpCookie := tocookie.GetCookie(userId, defaultCookieDuration, cfg.Secrets[0])
 			http.SetCookie(w, httpCookie)
 			resp = struct {

diff --git a/traffic_portal/app/src/common/api/UserService.js b/traffic_portal/app/src/common/api/UserService.js
@@ -82,14 +82,12 @@ var UserService = function($http, locationUtils, userModel, messageModel, ENV) {
         );
     };
 
-    // todo: change to use query param when it is supported
-    this.updateUser = function(user) {
-        return $http.put(ENV.api.unstable + "users/" + user.id, user).then(
+    this.updateCurrentUser = function(user) {
+        // We should be using PUT 'user/current' to update the current user
+        const currUser = { user };
+        return $http.put(ENV.api.unstable + 'user/current', currUser).then(
             function(result) {
-                if (userModel.user.id === user.id) {
-                    // if you are updating the currently logged in user...
-                    userModel.setUser(user);
-                }
+                userModel.setUser(user);
                 messageModel.setMessages(result.data.alerts, false);
                 return result;
             },
@@ -100,6 +98,24 @@ var UserService = function($http, locationUtils, userModel, messageModel, ENV) {
         );
     };
 
+    // todo: change to use query param when it is supported
+    this.updateUser = function(user) {
+        if (userModel.user.id === user.id) {
+            return this.updateCurrentUser(user);
+        } else {
+            return $http.put(ENV.api.unstable + "users/" + user.id, user).then(
+                function(result) {
+                    messageModel.setMessages(result.data.alerts, false);
+                    return result;
+                },
+                function(err) {
+                    messageModel.setMessages(err.data.alerts, false);
+                    throw err;
+                }
+            );
+        }
+    };
+
     this.registerUser = function(registration) {
         return $http.post(ENV.api.unstable + "users/register", registration).then(
             function(result) {

diff --git a/traffic_portal/app/src/modules/private/user/UserController.js b/traffic_portal/app/src/modules/private/user/UserController.js
@@ -51,6 +51,9 @@ var UserController = function($scope, $state, $location, $uibModal, formUtils, l
     $scope.user = userModel.user;
 
     $scope.confirmSave = function(user, usernameField) {
+        if (usernameField === undefined) {
+            usernameField = user.username;
+        }
         if (usernameField.$dirty) {
             var params = {
                 title: 'Reauthentication Required',