-
Notifications
You must be signed in to change notification settings - Fork 38
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
PWA keeps signing me out #7109
Comments
cc: @zakhap @sachben91 @ForestMars, I added a bit of additional context |
This is needed for the |
Quick update. I'm working on this now and trying to figure out what is happening. I investigated running it on the iOS Simulator on MacOS but it won't allow app install so I can't install Metamask to verify. I was going to change my system clock to verify but I can't do that now. I'm going to try to debug this on my iPad and try to change the system time there to see if I can reproduce this. There's also the issue of whether it's an issue on Android too. I authenticated on Android and will see if it expires my session. I think once I debug on my iPad that I can fix this quicker. |
I confirmed this is happening on android too. I'm going to try to debug it there as it's easier to debug remotely on android. It's probably the same bug. |
Re-confirming on Chrome for the desktop. Logged in on Apr 27 at 10:15AM |
OK. I know what the root cause is. The connect-id cookie is a session cookie so this impacts ALL browsers that authenticate this way. Not just metamask or iOS. Now that I now it's easy to track down (and it's not related to a mobile device) it's going to be easier to resolve. We're probably not specifying a session length or maybe it's just getting ignored. |
This impacts social login too... the cookie is connect.sid for social login. I need to double check the name for the one for walllet connect. |
What do we want to set as the expiration. Also, should we extend the expiration each time they log into the app or should it have a fixed cliff? |
Would be great to refresh expiration as they log in again before initial
expiration .
I think there is a previous ticket that said we ought to extend sessions to
14 days.
As a note, we’ll have to update the session length within our “canvas
session key provider” and within Magic (they set a separate session length)
Sent via Superhuman iOS ***@***.***>
…On Sat, Apr 27 2024 at 2:26 PM, Kevin Burton ***@***.***> wrote:
What do we want to set as the expiration. Also, should we extend the
expiration each time they log into the app or should it have a fixed cliff?
—
Reply to this email directly, view it on GitHub
<#7109 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/ABIWMHNDOMHKJEWAZQBS7LDY7PUXBAVCNFSM6AAAAABEWJXUTWVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDAOBRGEZDEMBRGU>
.
You are receiving this because you commented.Message ID:
***@***.***>
|
@dillchen So basically you want a constant 14 day extension? I'm going to to test all auth providers to make sure we handle these properly. |
I created a new ticket just for solving the cookie session length issue What I'm going to do now is just set 14 days fixed if the session length isn't set: |
Sounds good!
Sent via Superhuman ***@***.***>
…On Mon, Apr 29, 2024 at 11:29 AM, Kevin Burton ***@***.***> wrote:
I created a new ticket just for solving the cookie session length issue
What I'm going to do now is just set 14 days fixed if the session length
isn't set:
#7595 <#7595>
—
Reply to this email directly, view it on GitHub
<#7109 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/ABIWMHOUPA62TSKKCHTV62TY7ZRMRAVCNFSM6AAAAABEWJXUTWVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDAOBTGA2DCNJTGA>
.
You are receiving this because you were mentioned.Message ID:
***@***.***>
|
I have a PR for this but I need to figure out the interval for sessions. 2 weeks, 1 month, 1 year? I need an answer from the product team |
This PR is done but I don't know what's up with master being ready to merge. |
Describe the bug
The PWA appears to sign me out a few after I've signed into it on my phone
Initial conditions
re-opening the PWA after around 16-24 hours
Environment:
production
Browser:
iPhone 12 mini
Wallet:
was signed in with metamask, using walletconnect
Reproduction steps
Actual behavior
Expected behavior
Reporter
@sachben91
Additional context
We will need to make sure to fix on:
and we probably need to double check each authentication type
The text was updated successfully, but these errors were encountered: