When the logged-in user's session expires, the app does not respond by auto-logging the user out, which then allows the user (thinking they're still logged in) to add items to a user account with no id (shows up as user 0)
Solutions to this may be implementing a 'heartbeat' that will automatically reload the page when the session has expired, or adding error response handling to ajax calls to return a response noting the not logged in error.
When the logged-in user's session expires, the app does not respond by auto-logging the user out, which then allows the user (thinking they're still logged in) to add items to a user account with no id (shows up as user 0)
Solutions to this may be implementing a 'heartbeat' that will automatically reload the page when the session has expired, or adding error response handling to ajax calls to return a response noting the not logged in error.