Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Navigation

    Cloudron Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular

    SOLVED Sign-in needed twice

    Support
    auth
    4
    7
    102
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • yusf
      yusf last edited by girish

      I often need to submit my Cloudron credential twice when signing in to the Cloudron interaface. It's weird. Is this a known issue? How can I investigate?

      M 1 Reply Last reply Reply Quote 0
      • M
        murgero App Dev @yusf last edited by

        @yusf Using 2fa? I have this issue too. It looks like cloudron caches the 2FA token when the login page is loaded as opposed to during login submission. At least, that's what it looks like to me. I get around this by waiting to submit the login data until the 2fa code is about 10-15 seconds to expiring.

        Though may not be related here.

        --
        https://urgero.org

        1 Reply Last reply Reply Quote 0
        • girish
          girish Staff last edited by

          If this is using 2FA, this is most likely because the token "window" was too small. This is fixed in 4.2 (not released) - https://git.cloudron.io/cloudron/box/blob/master/CHANGES#L1656

          1 Reply Last reply Reply Quote 1
          • yusf
            yusf last edited by

            No, 2FA is not activated in this case.

            1 Reply Last reply Reply Quote 0
            • nebulon
              nebulon Staff last edited by

              The issue may be either the csrf protection in the login form itself, or the session timeout/expiration. I've checked that the cookie maxAge is 600000 seconds, so this is unlikely the root case I assume, but maybe if the Cloudron process, which holds the session in-memory is restarted, the session will get invalidated and a fresh login form will be presented.
              I have to test this though on my own as well. In case you can reproduce this easily, that would be great to know how.

              1 Reply Last reply Reply Quote 0
              • nebulon
                nebulon Staff last edited by

                Actually this was easy to reproduce for me now and at least here it is bound to the server process restarting. I guess we should finally move to persistent sessions then.

                1 Reply Last reply Reply Quote 0
                • nebulon
                  nebulon Staff last edited by

                  This has been fixed now with https://git.cloudron.io/cloudron/box/commit/2bde023d4dc783761553a0a7be88650e5885b4ad and should be part of the next release.

                  1 Reply Last reply Reply Quote 1
                  • First post
                    Last post