Session and Cookies not stored

Wappler 5.5.3
Local Docker image
NodeJS
Browser: Firefox, Edge,

Hello guys,
I need your help. I’m struggling for 3 days now and I can’t solve the problem. Which is the following:

I set up my global site security along with user login, logout and user details. I followed the steps provided by the documentation for the login and logout procedure. The problem is, as soon as the page gets refreshed after the login, the session doesn’t exist anymore and the user is logged out again. If I just hit the login button and remove the page redirect, and then fetch the user identity, it returns the right ID. So it has to do something with sessions/cookies.
I searched all possibilities as to why this occurs but I can’t put my finger on it. It seems to me, my configuration is wrong somewhere.

Firefox gives me the following hints:


But I also read, it is normal to set a past date when you want to delete the cookie. But that’s not really the case for me. This message also pops up, when I tick the remember me checkbox. Edge gives me the following:


It seems like a session is being created but it has no use?

User logout has no auto load, just in case you where wondering.

Am I missing something obvious here? Unfortunately, I couldn’t find any similar case in the forum. I read all posts regarding failed user logins and tried all proposed solutions, but none seems to work.

Thank you for your time!

Hello guys,
just checking again if there is any hint you can give me or if you need more information to track down the problem.
Thank you very much!
Cheers!

Hi @jowhiskey, I think a few of us are experiencing similar issues. I’m wondering if something changed with Wappler in one of the last updates because I only recently started to experience a similar issue. Hopefully, Patrick will find a fix for the next release.


Hello Keith,
thank you for your response! I really thought, I am the only one that has this occurrence.
Really seems like it is a bug or a wrong setting. Since I am only using Wappler for 1 week, I had no before and after update comparison.

I should mention though, that I am developing a website, not an app.
I also didn’t use redis at first, but switched to it since I figured, this would solve the problem, which it didn’t.

Cheers, Johannes

ok, maybe you’re having a slightly different issue. Do you have the Secure checkbox checked on your Security Provider in Globals Server Actions?

Most of the messages are just warnings.

The Same Site option is to let the browser know where it can serve the cookie, in old browsers cookies were always send, now you have to tell the browser if it is allowed to set the cookie when the page is loaded in other domain or not, it will default now not allow setting a cookie in a 3rd party domain when it is not explicit set.

Setting a date in the past is a valid way to expire a cookie, not sure why it would warn you for that. The only thing I can think of is that it was setting this initially, so you direct logout after a login and setting the past date on the initial cookie.

The secure option error from Edge is also a bit strange since the site isn’t served over https. It is best practice to use https and set the secure option, but for the dev server it should not be set since it isn’t served over https.

Hello Keith,

I already tried it both checked and unchecked and it didn’t make any difference. But thank you for the hint nonetheless!

Hello Patrick,
thanks for your response!

The thing with the cookies makes totally sense and I also don’t need to set cookies on another domain, so that’s fine. I just figured, maybe the browser blocks the session and/or the cookie for that reason and I am not able to store the user session.

I have also tried to clear the cookies but it didn’t help. And the problem occurs on multiple browsers.

Yeah I have read that in another forum post about the secure option. Like I said in my response to Keith, it didn’t make any difference.

I will continiue to try and understand this issue. The frustrating part right now is the fact, that I don’t know if I did something wrong or if there is an underlying issue on which I happened to stumble upon.

Thanks again for your time!