New login session

This is used for general discussion that is not necessarily server-related.
Post Reply
Naleksuh
This is my homepage
This is my homepage
Posts: 298
https://www.youtube.com/channel/UC40BgXanDqOYoVCYFDSTfHA
Joined: Thu Jul 25, 2019 12:35 am

New login session

Post by Naleksuh »

This was previously discussed in viewtopic.php?p=82164 but did not really have much to do with the Node library.

I have noticed that sessions have expired much more frequently now, I get logged out every couple of days even with the 3-month box ticked. Maybe that box just set the email and password cookies, and doesn't work with the token one?
User avatar
TimeX
Staff
Staff
Posts: 1733
Joined: Thu Jul 22, 2004 12:24 am
Location: Big Bear, CA

Re: New login session

Post by TimeX »

If I'm not mistaken, some (all?) users were forced logged out during an internal operation. That may have been what you saw. The 3-month login retention should still work otherwise.
TimeX
Naleksuh
This is my homepage
This is my homepage
Posts: 298
Joined: Thu Jul 25, 2019 12:35 am

Re: New login session

Post by Naleksuh »

It's happened a few times not just once. Though I don't know if this was maintenance those other times as well. Does anyone know?
Naleksuh
This is my homepage
This is my homepage
Posts: 298
Joined: Thu Jul 25, 2019 12:35 am

Re: New login session

Post by Naleksuh »

Also still getting the logout error.

<a href="login_logout.pl?return=">Click here</a>

Why is this not working? It doesn't have http://
User avatar
Edge100x
Founder
Founder
Posts: 12963
Joined: Thu Apr 18, 2002 11:04 pm
Location: Seattle
Contact:

Re: New login session

Post by Edge100x »

Is your browser string or IP address changing? These could cause your token to no longer validate.

If you're curious about the cookie lifetime, you should be able to check that through your browser's development tools.

login_logout.pl should be fixed to work around your https issue now. That http redirect is still something that was in place for years, so it doesn't relate to the recent login changes. Good to have adjusted, though.
Naleksuh
This is my homepage
This is my homepage
Posts: 298
Joined: Thu Jul 25, 2019 12:35 am

Re: New login session

Post by Naleksuh »

No, my IP address never changed. Is the "browser string" the user agent? If so that didn't change either.
User avatar
Edge100x
Founder
Founder
Posts: 12963
Joined: Thu Apr 18, 2002 11:04 pm
Location: Seattle
Contact:

Re: New login session

Post by Edge100x »

Hmm. No reason that I can think of for it happening on this end, apart from what TimeX said. If I see it happen to me personally, I will be able to investigate further in depth.
Naleksuh
This is my homepage
This is my homepage
Posts: 298
Joined: Thu Jul 25, 2019 12:35 am

Re: New login session

Post by Naleksuh »

This has happened again. Even though the three-month box was checked when I logged in, I'm not logged in anymore.

Next time I open the control panel I will open the network tab first to see what my browser and NFO are doing
Naleksuh
This is my homepage
This is my homepage
Posts: 298
Joined: Thu Jul 25, 2019 12:35 am

Re: New login session

Post by Naleksuh »

This doesn't seem to have happened since. Might just be active ongoing work on the login system. Or it might be because of the client-side expiration differing from the server side. Does the backend expire session tokens or does it just rely on the cookie going away like it did with the password one?

Also, there is now a PHPSESSID cookie which I don't remember existing. Is that new? :O
Naleksuh
This is my homepage
This is my homepage
Posts: 298
Joined: Thu Jul 25, 2019 12:35 am

Re: New login session

Post by Naleksuh »

This happened again. Sadly, I did not have my browser tools open.

However, I did happen to notice the URL. Which was https://www.nfoservers.com/control/logi ... d%20needed - is this a clue?
Post Reply