User session keeps expiring - User session has been expired, please Sign in again - Githubissues

onur-ozkan / feednext

social media app demo

GNU General Public License v3.0

317 stars 86 forks source link

User session keeps expiring - User session has been expired, please Sign in again #80

Closed StarAzure closed 4 years ago

StarAzure commented 4 years ago

User session expires in less than 60 seconds.

This message seems to come from antd - User session has been expired, please Sign in again

createError file:/C:/site/client/.next/static/development/pages/auth/sign-in.js (58034:15) handleAbort /_next/static/development/pages/auth/sign-in.js (57515:14)

onur-ozkan commented 4 years ago

Clear localstorage and cookies on your browser and check it again. Meanwhile I will try to find what makes it happen. I never meet with that problem either on prod or dev environment. @StarAzure

StarAzure commented 4 years ago

@ozkanonur Cleared everything and also tried a different browser (chrome). Also tried the new Edge browser (using for first time) - The session expires on all browsers.

I am doing this on local - Windows 10.

onur-ozkan commented 4 years ago

@StarAzure Did you check the request responses to see they are hitting to correct address ? I am guessing you have incorrect values in constants.ts

StarAzure commented 4 years ago

@ozkanonur Just wondering if you have any suggestions. This keeps happening consistently and I am unable to make any progress.

onur-ozkan commented 4 years ago

@StarAzure Please show me your XHR requests with responses

onur-ozkan commented 4 years ago

@StarAzure show me the responses. Go localhost:8000 and show me the responses of the requests.

onur-ozkan commented 4 years ago

@StarAzure there is still no response informations in screenshots, its only list of the requests. You can see when the app redirects you to login screen. There are no issues on production, and many of the development environments on multiple OS.

onur-ozkan commented 4 years ago

@StarAzure I cant help if I cant get the right answers. Please search about http protocol on the internet

onur-ozkan commented 4 years ago

This issue has been closed. Caused by insufficient explanation.

dany-eudes commented 3 years ago

I'm facing this issue. My environment is also Windows 10.

The login process by the admin user occurs as usual. However, after a minute it is possible to quickly see the expired session message followed by redirection to the login page.

See this relevant message in the console log: Access to XMLHttpRequest at 'http://localhost:3000/api/v1/auth/check-token' from origin 'http://localhost:8000' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

I believe this might likely be that Chrome does not support localhost to go through the Access-Control-Allow-Origin.

To have Chrome send Access-Control-Allow-Origin in the header, just alias your localhost in your /etc/hosts file to some other domain, like:

127.0.0.1 localhost yourdomain.com

For windows users, the hosts file is in C:\Windows\System32\drivers\etc.

There will be more problems for Windows users or others that they are adding Port numbers to URLs in constants.ts. CORS will fail because these are different origins.

See more info here: https://davidsekar.com/asp-net/cors-development-in-localhost

dany-eudes commented 3 years ago

I'm testing a solution as following and it seems to solve the issue for the development environment.

Change the CORS lines in server/src/ main.ts

fastifyAdapter.enableCors ({
        methods: ['GET', 'HEAD', 'PUT', 'PATCH', 'POST', 'DELETE', 'OPTIONS'],
        credentials: true,
        allowedHeaders: [
            '*',
            'Access-Control-Allow-Headers',
            'source',
            'Content type',
            'Accept',
            'x-requested with',
            'x-requested by',
            'Authorization',
             // put others here if you need... 
        ],
        origin: configService.isProduction ()
            ? configService.getEnv ('APP_DOMAIN')
            : [
                  'capacitor://localhost',
                  'ionic://localhost',
                  'http://localhost',
                  'http://localhost:8000',
                  'http://localhost:3000',
                  'http://localhost:4001',
                  'http://fednext.dev:3000',   // if you use a alias domain in your host file
                  'http://fednext.dev:4001',
                   /^http:\/\/fednext.dev(:\d+)?$/,   // Maybe you could use a regex expression
              ],

    })

During these tests I also change this first lines:

   const fastifyAdapter = new FastifyAdapter({
        logger: configService.isProduction() ? false : true,
        trustProxy: '127.0.0.1, 192.168.99.1/24', // <-- here 
    })

But for now I can't tell you if they're really needed or if this is the true solution! ;)