-
Notifications
You must be signed in to change notification settings - Fork 236
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
check isLoggedIn() not working consistently #279
Comments
I can't see your application logic, but I have experienced unexpected cache behavior on xhr/ajax http requests. If you are checking this status on every ajax call to a protected request, perhaps it's simply cahed responses? IDK. If this is suspected, adding a cache busting timestamp query parameter to the end of your query string will rule this out. I use PHP Auth a lot and have never run into inconsistent isLoggedIn() responses when directly called from the PHP app. It was only ever when dealing with ajax requests that I ran into this. Unrelated to your question but I moved away from Xamp and other local webservers in favor of using Docker containers that replicate my exact hosting environment so that I can remove any discrepancies between development and production. If this is interesting at all to you, check out my local dev stack found here: https://github.com/PremoWeb/SDK-Foundation-Vue. Gives me a Vue 3 front-end and PHP backend using Fat Free Framework. The important bits are the Dockerfile and docker-compose.yml at the root of the project. Grab those and install Docker for Desktop on your machine and you're now able to develop websites using PHP 8.1.x and Nginx (provided docker image by me). In my scenario, I also deploy the exact same container to my Caprover PaaS servers so I know my production system is identical to the local development environment. No more discrepancies, ever. |
Thanks for your response. Unfortunately, it is exactly the opposite behaviour. When I use AJAX to retrieve data, everything works fine. The problem happens when I try to call isLoggedIn in the creation of a web page. |
Okay, very interesting. |
Thank you for your question, @NopMap , and thanks a lot for helping, @maietta !
|
I had a similar problem with Auth and AJAX, session_write_close() fixed it for me. You can call it right after Auth is done, or at the end of your script. |
I too encountered this problem. Also using Fat Free framework. I also use ajax for login request. What's strange, is that if I login with "rememberDuration" isLoggedIn value is present. If not - it does not validate and therefore does not write anything to session. Trying to wrap my head around this... Update: Seems problem is that 'auth_user_id' in session is not set if 'rememberDuration' not selected. How is that 'auth_user_id' is set in session after successful login? |
Is there a solution for this? When I call up the page via a link, isLogged() is not executed. Only when I fire the URL in the browser with an Enter. Is this possibly a cache setting of PHPAuth? |
If you use F3 framework, than it is related with sessions in database. Particularly this bit of code:
I just commented out return part of code. It is related to IP change within the session. In current times, when visitors use mobile internet with changing IPs this creates problem. |
I have a very strange issue with isLoggedIn() not always reporting the correct state.
I am using some editing functions and AJAX to maintain lists of data. The whole thing is protected with Auth, you need to login first and all write operations are protected with checks whether you are logged in and have admin rights. The login page is designed to show a login form if you are not logged in and a logout button otherwise.
The whole setup works fine when testing locally with Xampp, so my code should be ok. But when I move my stuff to the real server, the logged-in detection on the login page fails, it always claims that I am not logged in, even right after login. All other editing functions that check for login work and allow access, so the login information is there, just on this one page it is somehow returning false.
The behaviour is 100% reproducible. Reducing the sync interval to 5 seconds did not change it.
Both local and remote server use PHP 7.3 with mySql DB.
This issue sounds like it may be related: #237
Do you have any idea what could cause this behaviour?
The text was updated successfully, but these errors were encountered: