Originally reported by @ldworkin. Seems like something like the following happens (more likely when a HIT is banked):
User opens HIT from dashboard (1)
User accidentally opens the same HIT in a separate tab, from dashboard (2)
HIT 1 authenticates and stores login token to local storage
HIT 2 authenticates but does not see the local storage token from HIT 1, as that is on a 3 second poll
HIT 2 overwrites the login token in local storage, causing HIT 1 to log out and be unresponsive
A workaround is to tell users not to open the HIT in multiple tabs, but we should make this more robust. It does seem like Meteor in general is less likely to observe this issue because there is no URL-generated auto login. It is a rather edge case when two URL logins are opened nearly simultaneously.
Originally reported by @ldworkin. Seems like something like the following happens (more likely when a HIT is banked):
A workaround is to tell users not to open the HIT in multiple tabs, but we should make this more robust. It does seem like Meteor in general is less likely to observe this issue because there is no URL-generated auto login. It is a rather edge case when two URL logins are opened nearly simultaneously.