search

digitallyinduced / ihp

🔥 The fastest way to build type safe web apps. IHP is a new batteries-included web framework optimized for longterm productivity and programmer happiness
https://ihp.digitallyinduced.com/
MIT License
4.92k stars 195 forks source link

Issues with authentication cookies? #1856

Open CSchank opened 11 months ago

CSchank commented 11 months ago

Hi @mpscholten and others, has anyone run into issues with the IHP authentication cookie? We've had an issue with 2 (out of maybe 200) students where they suddenly can't seem to log in, and resetting their password doesn't fix it. The only thing that works is to reset cache / cookies or use a different browser. Sorry I don't have any more information for you from the students (I know, this is a pretty terrible bug report!) but I wondered if you had ever run into this before. I wonder if it could be because of our Nginx reverse proxy somehow? Anyways, thanks!

mpscholten commented 11 months ago

I think https://github.com/digitallyinduced/ihp/issues/1172 was created for this. Nginx has a header length limit. If a flash message is too large, it could corrupt the session cookie

A workaround is to increase the header length limit