My users are being logged out after some time (30 minutes or so but I haven’t timed it) not actively using the site, even though I have the cookie set to expire in 60 days.
So have a look in the dev console to be sure the value is being sent with the login post-check the payload. You can also see the cookies being sent and received.
I’ve never used the option to set a domain, you might try removing that unless you specifically need it, if for nothing else then to narrow down where the problem lies.
I removed the domain and had another look at the cookies. It looks like two are being set for siteSecurity (what I’m using now) and one for security (which I thought I had deleted ages ago, and doesn’t show in Wappler).
I see, Question then. What does your Routes and Page Routes looks like then? Because maybe you are going to have to set up some kinda scheduler work around to check for the security sessions on the index page or whatever route needs to be refresh to set the security provider.
I don’t do SPA website because of these same issues, but I am thinking aloud here.
I see. So, I am assuming you are still having this issue then? If so, have you tried playing around with set cookies or session with a combination of onclick event to refresh the page at least once after each successful login. This way the security provider can set its session.
This one got me thinking because I do not do SPA website with security period.
Maybe link directly to the logout script instead of doing it through a server connect? You could create a route for it so it’s an easy URL and set a redirect when visited.