Security Login Remember

Wappler General
1

@patrick I believe this is up your alley.

I have mobile app users reporting they are having to login again after leaving the app running in the background, and coming back to it 24ish hours later.

Currently setup as:

Screen Shot 2020-09-16 at 4.52.01 PM
Screen Shot 2020-09-16 at 4.52.01 PM1154×1272 61.9 KB
Screen Shot 2020-09-16 at 4.51.09 PM
Screen Shot 2020-09-16 at 4.51.09 PM860×564 26.3 KB

Generally the remember option works, so my question to you is really is on the troubleshooting side.

I’m wondering what could interrupt this process? New php code loaded? Apache restart? mySQL restart? Same user logging into different devices?

Obviously the client clearing their cookies would do it, but so far that doesn’t seem to be the case.

Reports are from iOS users, although we have not ruled out this happening on Android.

Appreciate any areas you can suggest I investigate!

–Ken

1 Like
2

@George @patrick @Teodor any guidance here?

Here is an example, albeit using the Simulator.

Screen Shot 2020-09-22 at 10.46.34 AM
Screen Shot 2020-09-22 at 10.46.34 AM2752×590 100 KB

The sequence of events BEFORE this login.php was run, is that the Security Provider on the server reports no user id. Therefore, the user attempts to login.

However it puzzles me that the siteSecurity cookie is sent along with the login request…given that the siteSecurity cookie is set for 365 days, shouldn’t that have kept the user logged in?

Is this because on mobile, there is no domain to speak of?

3

You and some others are those who push Wappler’s limits forward with the way they are using it. Keep on!

1 Like
4

Hi. Very similar to the SameSite problem: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite

1 Like
5

Ya, I think I’ll have to revisit the domain I am setting – I can’t recall if that made something work properly, or was just something I tried along the way.

6