'Remember Me' checkbox should help you there by setting a cookie to renew your session. However if you haven't logged in for awhile, the cookie will also be expired.
Issue with forum session timeout force logout
- psi29a
- Posts: 5362
- Joined: 29 Sep 2011, 10:13
- Location: Belgium
- Gitlab profile: https://gitlab.com/psi29a/
- Contact:
Re: Crashing on startup in Arch Linux
The forum logs me off regardless of whether I press that checkbox. Sometimes during the same browsing session, only a few minutes after logging in. I've tried clearing my cookies just in case there's some kind of state bug, but it's still a problem.
Re: Crashing on startup in Arch Linux
The same issue for me - the forum logs me off after several minutes.
Writing large posts is annoying now since after pressing "Preview" or "Submit" button it can redirect me to the login page and erase the whole posted text.
Strage, but I did not encounter such behaviour earlier. Can we at least keep the posted text, or consider session as active when user types his post?
Writing large posts is annoying now since after pressing "Preview" or "Submit" button it can redirect me to the login page and erase the whole posted text.
Strage, but I did not encounter such behaviour earlier. Can we at least keep the posted text, or consider session as active when user types his post?
- psi29a
- Posts: 5362
- Joined: 29 Sep 2011, 10:13
- Location: Belgium
- Gitlab profile: https://gitlab.com/psi29a/
- Contact:
Re: Issue with forum session timeout force logout
It's not just here, almost every forum has this issue in my experience so I don't trust any.
I'll look into it and see if we can getting sessions to last a little longer. I wonder if cloudflair has anything to do with it?
Anyway, always write long posts somewhere else first then past into a forum regardless of which forum.
I'll look into it and see if we can getting sessions to last a little longer. I wonder if cloudflair has anything to do with it?
Anyway, always write long posts somewhere else first then past into a forum regardless of which forum.
-
- Posts: 121
- Joined: 16 Jan 2012, 07:58
Re: Issue with forum session timeout force logout
I had this issue too for a while since the semi-recent maintenance. But I haven't had it since clearing out the cookies for the site. Give that a try.
- AnyOldName3
- Posts: 2683
- Joined: 26 Nov 2015, 03:25
Re: Issue with forum session timeout force logout
I think I've only ever had to view the login page here like twice since first signing up a few years ago (discounting the times I've needed to sign in from a new computer). It's not broken for everyone.
Re: Issue with forum session timeout force logout
On my phone (which is a Nokia 301 – Yes, I can afford a smartphone, but no, I don't want one) I've always had some issues with getting logged out. But if I don't check the remember me-button, I've started to get logged out the next time I refresh, even just seconds after. This is on my dumbphone of course, so nevermind me...
Also, web browsing on that phone sucks as you might guess, so it's not much of an issue. I just log in on that phone when I've got absolutely nothing else to do.
Sorry for off topic.
Also, web browsing on that phone sucks as you might guess, so it's not much of an issue. I just log in on that phone when I've got absolutely nothing else to do.
Sorry for off topic.
- psi29a
- Posts: 5362
- Joined: 29 Sep 2011, 10:13
- Location: Belgium
- Gitlab profile: https://gitlab.com/psi29a/
- Contact:
Re: Issue with forum session timeout force logout
Right... so I finally found out why, even as 'admin', I was only ever seeing 'some' of the features I remember from my days as admin on another project. Such as 'cookie settings' and 'server load'. You have to be a 'founder' to see these things... quick SQL update later (didn't want to bother Lgro) and boom, lots of buttons!
Right, first order of business. Cookies were incorrectly set to domain .openmw.org and not .forum.openmw.org, I fixed that. As a result, almost everyone will have to re-login. Be sure to use the 'remember me' button which will set this to 1 year. It is possible that your browser tosses these cookies away and you'll have to re-login.
Second item of business is that sessions automatically expired after 3600 seconds. So you've taken awhile with your post, you come back to it later and type more and hit enter; shit... re-login. I've bumped session timeout to 86400 seconds (a day). If it takes you more than a day to type something, please consider not posting. I still highly recommend that you use something else work with before posting a response here or making a final copy before posting.
Another thing I tweaked was session identification being checked by IP. Your session would be auto-expired if you tried to use another IP. This hits mobile networks hard. I made this less aggressive and to only check on the first 2 octets instead of first 3 octets of an IPv4 IP address (and something comparable for IPv6). So instead of comparing against A.B.C.*, we now compare against A.B.*.* which should help.
We'll fine tune as we go, but I hope this helps.
Right, first order of business. Cookies were incorrectly set to domain .openmw.org and not .forum.openmw.org, I fixed that. As a result, almost everyone will have to re-login. Be sure to use the 'remember me' button which will set this to 1 year. It is possible that your browser tosses these cookies away and you'll have to re-login.
Second item of business is that sessions automatically expired after 3600 seconds. So you've taken awhile with your post, you come back to it later and type more and hit enter; shit... re-login. I've bumped session timeout to 86400 seconds (a day). If it takes you more than a day to type something, please consider not posting. I still highly recommend that you use something else work with before posting a response here or making a final copy before posting.
Another thing I tweaked was session identification being checked by IP. Your session would be auto-expired if you tried to use another IP. This hits mobile networks hard. I made this less aggressive and to only check on the first 2 octets instead of first 3 octets of an IPv4 IP address (and something comparable for IPv6). So instead of comparing against A.B.C.*, we now compare against A.B.*.* which should help.
We'll fine tune as we go, but I hope this helps.
Re: Issue with forum session timeout force logout
Still doing it apparently.
- psi29a
- Posts: 5362
- Joined: 29 Sep 2011, 10:13
- Location: Belgium
- Gitlab profile: https://gitlab.com/psi29a/
- Contact:
Re: Issue with forum session timeout force logout
Any change for anyone else?
For those where it still happens, do you have a dynamic IP?
For those where it still happens, do you have a dynamic IP?