ovity / octotree

GitHub on steroids
https://www.octotree.io/
GNU Affero General Public License v3.0
22.85k stars 1.78k forks source link

Keep getting logged out #1161

Open theCapypara opened 1 year ago

theCapypara commented 1 year ago

Description

Octotree keeps logging me out. This seems to be an issue with the API. I opened the inspector for the extension and can see that requests are regularly failing.

When that happens the extension immediately logs out.

Environment (if bug)

_generated_background_page.html:1 Access to fetch at 'https://www.octotree.io/api/v1.0/users/token/refresh' from origin 'chrome-extension://bkhaagjahfmjljalopjnoealnfndnagc' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.

danhgit commented 1 year ago

Hi, we can't reproduce this issue. Is it still happening? If it is, can you check if you happen to have some other extension or behind firewall that blocks requests to Octotree?

theCapypara commented 1 year ago

Hi! I can't test at the moment, will do in a couple of weeks when I'm back at work, but to add some context, I already looked a bit more into this, and it seems that every time this error occured your API has returned 500s without the Access-Control-Allow-Origin headers. I don't think another extension is interfering, as I was able to reproduce it with CURL by just cppying the Request as CURL from the Chrome Dev Tools. It seems the API is returning 500s randomly for a short time and then functions again.

This has been going on for 2-3 months for me before I opened the issue.

danhgit commented 1 year ago

Hi @theCapypara is there any update?

theCapypara commented 1 year ago

Hi thanks for asking! The issue did not really get better, so I stopped using Octotree for a while. Will install again and see if it got any better now.

theCapypara commented 1 year ago

@danhgit Sadly this is still happening. Today I just get logged almost immediately. Here's a screenshot from the extensions inspector: image

danhgit commented 1 year ago

Thanks. I appreciate you tested it. This is very strange because we do send CORS headers with that API call. Can you email me at support@octotree.io with a screenshot of the response headers for the api/v1.0/users/token/refresh API call?

theCapypara commented 1 year ago

Will do, I actually ran the extension today again and everything was fine. But next time this happens I'll record the headers and send them.

However I kinda also think I got the issue: It seems that whenever there is a Gateway Timeout, Internal Server Error or Too Many Requests* response, there are no CORS headers sent in the response and the extension logs me out.

*: Although the Too Many Requests response also makes no sense, I made the last screenshot 10 minutes after my previous attempt to get the extension working. In general I guess it's odd I'm running into so many errors.

theCapypara commented 1 year ago

Today this happened again, I was unable to really use the extension at all. I have sent the response information via email.

danhgit commented 1 year ago

@theCapypara sorry for taking long to get back. This has taken quite a bit of investigation. I'm sending you an email to follow up.

ivan-moto commented 4 months ago

Not sure if it's the same issue but I get asked to log in every single day. Would be nice to fix that.