Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor

  • Default (No Skin)
  • No Skin
Collapse

Cloudron Forum

Apps | Demo | Docs | Install

Sign-in needed twice

Scheduled Pinned Locked Moved Solved Support
auth
7 Posts 4 Posters 348 Views
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • yusfY Offline
    yusfY Offline
    yusf
    wrote on last edited by girish
    #1

    I often need to submit my Cloudron credential twice when signing in to the Cloudron interaface. It's weird. Is this a known issue? How can I investigate?

    murgeroM 1 Reply Last reply
    0
  • murgeroM Offline
    murgeroM Offline
    murgero App Dev
    replied to yusf on last edited by
    #2

    @yusf Using 2fa? I have this issue too. It looks like cloudron caches the 2FA token when the login page is loaded as opposed to during login submission. At least, that's what it looks like to me. I get around this by waiting to submit the login data until the 2fa code is about 10-15 seconds to expiring.

    Though may not be related here.

    --
    https://urgero.org
    ~ Professional Nerd. Freelance Programmer. ~
    Matrix: @murgero:urgero.org

    1 Reply Last reply
    0
  • girishG Offline
    girishG Offline
    girish Staff
    wrote on last edited by
    #3

    If this is using 2FA, this is most likely because the token "window" was too small. This is fixed in 4.2 (not released) - https://git.cloudron.io/cloudron/box/blob/master/CHANGES#L1656

    1 Reply Last reply
    1
  • yusfY Offline
    yusfY Offline
    yusf
    wrote on last edited by
    #4

    No, 2FA is not activated in this case.

    1 Reply Last reply
    0
  • nebulonN Online
    nebulonN Online
    nebulon Staff
    wrote on last edited by
    #5

    The issue may be either the csrf protection in the login form itself, or the session timeout/expiration. I've checked that the cookie maxAge is 600000 seconds, so this is unlikely the root case I assume, but maybe if the Cloudron process, which holds the session in-memory is restarted, the session will get invalidated and a fresh login form will be presented.
    I have to test this though on my own as well. In case you can reproduce this easily, that would be great to know how.

    1 Reply Last reply
    0
  • nebulonN Online
    nebulonN Online
    nebulon Staff
    wrote on last edited by
    #6

    Actually this was easy to reproduce for me now and at least here it is bound to the server process restarting. I guess we should finally move to persistent sessions then.

    1 Reply Last reply
    0
  • nebulonN Online
    nebulonN Online
    nebulon Staff
    wrote on last edited by
    #7

    This has been fixed now with https://git.cloudron.io/cloudron/box/commit/2bde023d4dc783761553a0a7be88650e5885b4ad and should be part of the next release.

    1 Reply Last reply
    1

  • Login

  • Don't have an account? Register

  • Login or register to search.
  • First post
    Last post
0
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Login

  • Don't have an account? Register

  • Login or register to search.