Closed Entkenntnis closed 3 years ago
The frontend sometimes show that you are logged in, but you can't see the buttons -> authorization request is silently failing.
This often happens after a certain timespan (?) or after deployments. (server? api?)
Does this also happen in production?
Yes, this happened twice for me on production - relogin solves the issue.
Botho found a failed refresh:
/auth-refresh -> Status 500 -> Token not valid
/api/auth/auth-refresh is the culprit here: This route is often very slow and fails to refresh to token sometimes, which leads to a messy state in the frontend.
Quickfix for the moment: As long as refresh is not working reliably, don't attempt to refresh, but delete token and refresh window -> avoid invalid states in the frontend and let user relogin.
If logged in in the frontend, you will get logged out after 2h.
Needs investigation.