search

standardnotes / forum

Support from other community members. For 1-on-1 help, please contact help@standardnotes.com.
https://forum.standardnotes.org
198 stars 8 forks source link

Self-hosted version requiring login multiple times #3770

Open gdcmarinho opened 1 week ago

gdcmarinho commented 1 week ago

Describe the bug The app requires login repetitive times by no reason. No matter how many times I submit my login credentials.

To Reproduce Steps to reproduce the behavior:

  1. Just open the app and wait a few seconds.

Expected behavior No require login each 3 or 5 seconds.

Screenshots requiring-login

Desktop (please complete the following information):

tinker45 commented 1 week ago

also experiencing this issue with Linux Desktop Clients in versions 3.195.1, 3.195.11, and 3.195.3. I rolled back to Docker Image standardnotes/server:5c02435ee478b893747d3f9e41062aae12d7ff10 and it resolved the issue.

kjleitz commented 1 week ago

Also experiencing this on the latest stable release of the MacOS desktop app (3.194.13) when trying to connect to my self-hosted server. Mobile app works fine, but desktop app has this repeating login issue.

Prevented me from using my Offline Activation code since the iOS app doesn't let you enter it. Ended up having to self-host the web app, too, just to enter the code.

Currently it's also preventing me from setting up automatic backups, because the desktop application is required.

Tried downgrading the server to the image @tinker45 suggested, which did allow login. Then upgraded the server to latest again, and the auth persisted across an app restart. I don't know how long it will persist, though... maybe until next auth?

I would really rather not run the 7-month-old image full-time. It's not clear to me what has changed since then.

From the commit for the last release it looks like all the CHANGELOG.md updates only mention version bumps. 🤷‍♂️

There's also the fact that the rollback image we're discussing is from March, in between the January release and the June release (see the image tags for standardnotes/server on Dockerhub), and it's not mentioned in any of those CHANGELOG.md updates AFAICT. I'm not sure how to find out what's in that one.

The only possibly relevant thing I can see from skimming the changes in the last release is maybe this addition of COOKIE_DOMAIN and some other COOKIE_* environment variables to the auth service. Maybe the authentication cookie is scoped to a certain domain by default (or the domain of the self-hosted app) and you need to set it to the domain of your self-hosted server in order for the cookie to actually work, and this instruction was accidentally omitted from the .env.sample that you copy into your server and modify during setup? That would make some sense, considering that the Domain attribute on the Set-Cookie header (MDN) is used in this kind of way.

I'm a little concerned, though, that there haven't been any releases in the past 4 months, and that this forum seems maybe to be unmonitored...? Am I yelling into the void, here?

Edit: Some system info.

App: OS: MacOS Sonoma (14.7) Version 3.194.13

Server: OS: Ubuntu Server 24.04 Server version: latest Running via docker-compose according to the official guide.

kjleitz commented 1 week ago

I hate to ping maintainers directly, but given how little activity there is here... @karolsojko you alive?

acmartinsalmeida commented 1 week ago

SOLVED by #3635

same for me on fresh install, last versions of server (docker method)

Get an error about cookie in server logs logs/auth.log

{"application":"Desktop-3.194.13","level":"error","message":"No cookies provided for cookie-based session token."...