Jump to content

Community

Adriano Faria

Login on desktop and phone several times during the day

Recommended Posts

On 22/11/2016 at 4:12 PM, Matt said:

It looks like our schema was slightly wrong. I've just corrected it now. Hopefully this means the mobile/desktop woes are over on this site.

Can an update be released to fix this issue specifically Matt?

Share this post


Link to post
Share on other sites

I am having this issue on my dev site. I'm not sure if it's been going on for a while now and I just didn't really notice because I wasn't switching between devices, but now that I am looking for it, it is unmistakable.

The cycle goes like this:

* Log in to site on computer browser

* Close browser

* Load site on phone and log in

* Force close browser on phone

* Open computer browser again

* I am now logged out in the computer browser

* If I now open a browser in my phone again, I will be logged out of that once again too

Basically logging in on any one device seems to invalidate the cookie on any other browser. And yes, I am clicking "Remember Me" and yes I still have the cookies on all my devices saved.

I was hoping to actually do the site migration and go live this weekend but this is just unacceptable.

Edited by Linguica

Share this post


Link to post
Share on other sites
4 hours ago, Linguica said:

I am having this issue on my dev site. I'm not sure if it's been going on for a while now and I just didn't really notice because I wasn't switching between devices, but now that I am looking for it, it is unmistakable.

The cycle goes like this:

* Log in to site on computer browser

* Close browser

* Load site on phone and log in

* Force close browser on phone

* Open computer browser again

* I am now logged out in the computer browser

* If I now open a browser in my phone again, I will be logged out of that once again too

Basically logging in on any one device seems to invalidate the cookie on any other browser. And yes, I am clicking "Remember Me" and yes I still have the cookies on all my devices saved.

I was hoping to actually do the site migration and go live this weekend but this is just unacceptable.

In theory, that shouldn't happen (the code shouldn't log out very frequently, though it does intentionally automatically log you out sometimes), but this plugin fixes all issues related to being automatically logged out for me

 

Share this post


Link to post
Share on other sites
3 hours ago, Colonel_mortis said:

In theory, that shouldn't happen (the code shouldn't log out very frequently, though it does intentionally automatically log you out sometimes), but this plugin fixes all issues related to being automatically logged out for me

Thank you, this seems, at least at first glance, to fix the problem with constant logouts. But, and please don't take this the wrong way, I don't like the idea of relying on an unsupported third-party patch to make very basic functionality of my software work properly. I would feel better about it if I knew what exactly *caused* the issue and why IPB hasn't fixed it by default yet.

It looks like all your plugin does is remove this check from \IPS\Member::checkLoginKey():

if ( !$this->member_login_key or $keyExpiry->diff( \IPS\DateTime::create() )->days > 90 )
|
|
v
if ( !$this->member_login_key )

Which suggests there's something wrong with the date-checking class, or possibly on my server. I'll have to investigate further.

Share this post


Link to post
Share on other sites
1 minute ago, Linguica said:

Thank you, this seems, at least at first glance, to fix the problem with constant logouts. But, and please don't take this the wrong way, I don't like the idea of relying on an unsupported third-party patch to make very basic functionality of my software work properly. I would feel better about it if I knew what exactly *caused* the issue and why IPB hasn't fixed it by default yet.

It looks like all your plugin does is remove this check from \IPS\Member::checkLoginKey():


if ( !$this->member_login_key or $keyExpiry->diff( \IPS\DateTime::create() )->days > 90 )
|
|
v
if ( !$this->member_login_key )

Which suggests there's something wrong with the date-checking class, or possibly on my server. I'll have to investigate further.

Yeah, that is all that plugin does. Unfortunately, IPS have made it clear that they are happy with it working as it does currently

It continually logging out isn't quite what they intend, I hope though, so you might have more luck if you're able to track down the issue and report it.

Share this post


Link to post
Share on other sites

This is just me spitballing, but I just realized that people were complaining about this issue in the leadup to the change from daylight savings time to standard time, and now I'm experiencing it just before the change back from standard time to daylight savings time. Considering the bug seems to have something to do with generating a date in the future, it seems something to investigate at least.

Share this post


Link to post
Share on other sites

OK, so I'm kind of confused by what the code in checkLoginKey() is *supposed* to do, as well as what it is actually doing.

The important check here is:

$keyExpiry = \IPS\DateTime::ts( $this->member_login_key_expire );
if ( !$this->member_login_key or $keyExpiry->diff( \IPS\DateTime::create() )->days > 90 )

Which, if I am reading it right, means that if the member login key stored in the database is more than 90 days in the future, it will change your login key and force you to log in again.

Now, first off, I guess I don't get the logic here - why should this value *ever* be greater? As time passes, the interval between the current time and the login key expiration time will only ever decrease, not increase. (edit: OK, so I guess DateInterval returns an object with a "days" member that's always an absolute value, and a separate "invert" member that says if it's positive or negative. So I guess this is supposed to only return true after 180 days, i.e., once that days values ticks down from 90 to 0 and then back up again to 90.)

Second, 90 days *IS NOT THE SAME AS THREE MONTHS*.

Here's a simple test script:

<?php

require_once 'init.php';
\IPS\Dispatcher\External::i();

$member = \IPS\Member::loggedin();

print "my member login key expiration is ";
print $member->member_login_key_expire;

print "<br>in DateTime terms that is ";
$keyExpiry = \IPS\DateTime::ts($member->member_login_key_expire);
print $keyExpiry;

$three_months_from_now = \IPS\DateTime::create()->add(new \DateInterval('P3M'))->getTimestamp();
print "<br><br>ips calculates three months from now to be ";
print $three_months_from_now;

print "<br>in DateTime terms that is ";
$keyExpiry = \IPS\DateTime::ts($three_months_from_now);
print $keyExpiry;

print "<br><br>ips calculated difference between now and 3 months from now to be ";
print $days = $keyExpiry->diff(\IPS\DateTime::create())->days;
print " days";

if ($days > 90) {
  print "<br><br>this is greater than 90 so you're gonna get logged out, sorry charlie";
}
?>

and the output I just got on my machine immediately after logging in:

Quote

my member login key expiration is 1497205819
in DateTime terms that is 06/11/17 11:30 AM

ips calculates three months from now to be 1497205825
in DateTime terms that is 06/11/17 11:30 AM

ips calculated difference between now and 3 months from now to be 92 days

this is greater than 90 so you're gonna get logged out, sorry charlie

"three months from now" is currently 92 days, not 90, because you have a 31st day in March and another in May. So once you log in, you IMMEDIATELY have a date interval greater than 90 days between your member_login_key_expire value and the current time. So if you log in and reset your member_login_key_expire, logging in again on any other device within the next 2 days will ALWAYS reset your member_login_key and log you out of everything else.

Edited by Linguica

Share this post


Link to post
Share on other sites

Hate to bump an old topic but I've noticed this starting to happen again. Have the forum on the latest General release tried clearing cache, even rebooted server and it still keeps happening. @Matttagging since I know you were the one who merged the fixed code last time. I can raise a ticket if you'd like and provide ACP/FTP info.

Share this post


Link to post
Share on other sites

I don't know if its the same issue @thetrials but in my case, i use firefox and i have random logouts with latest firefox update 54, but now firefox updated to 54.0.1 and this update fix me the random logouts to my forum.

Share this post


Link to post
Share on other sites
2 hours ago, Natea said:

I don't know if its the same issue @thetrials but in my case, i use firefox and i have random logouts with latest firefox update 54, but now firefox updated to 54.0.1 and this update fix me the random logouts to my forum.

Using Chrome on desktop, Chrome on Phone, and Safari in iPad. I've been able to reproduce using the combination of browsers.

Share this post


Link to post
Share on other sites

I'm also having this issue as well... Being I work from 3 devices. Home PC, Laptop for on the road, then my cellphone. I see the same problem on 3 sites I'm working with all using the current version of software.

Share this post


Link to post
Share on other sites

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...