I'm using Laravel 5.1.34 with sessions stored using the file driver and I'm experiencing some weird behaviours on my production server:
Quite randomly the logged user session expires and the user gets kicked out, even after a few seconds of activities.
It happens for instance with the admin user.
Could it be that using the same credentials from different browsers might invalidate the session for the latest user who logs in?
I've tried to find something about it on the internet but with no luck.
Related
I'm running a PHP application on Heroku and handling sessions using Memcachier add-on.
What Works:
- Memcachier successfully keeps users logged in through new deployments to Heroku.
What Doesn't Work
- Users will get logged out randomly throughout their time in the web application.
How do I get the user sessions to stay logged in (until the user logs out - or some other automatic login policy we put in place)?
Memcache is not recommended for storing sessions as it is a cache and not a persistant cache. What this means is that any key/value pair can get pushed out by new pairs if the cache is full. To get session persistance either switch to a different memcache server (with persistance) or store you sessions differently (eg: in a database)
I am using laravel 5.1 with Sentinel - Cartalyst auth driver. Problem is that Laravel can't "keep" users logged in. After some time (when they visit website) it automatically kicks them out with error that they are not logged in (I have filter that checks if user is logged in for every route expect login route). It really bugs me and I can't fix it.
I tried using cookies, file and database driver for keeping login sessions and they all fail.
Does someone knows how to deal with this problem? I am bulding project for Intranet users (under local domain)... Maybe that could be problem? Also I notice that cookies expiration time is current datetime that laravels sets for max expiration time.
Are you sure you imported the correct namespace path to Cartalyst? I had an issue with sessions not persisting and it was caused by importing the native php Cartalyst class rather than the laravel one. It should be something like Cartalyst\Sentinel\Laravel\Facades\Sentinel::class
I have users that will use tablets to connect to my web application built with Symfony2. Remember me feature is great as it will not force them to log in every time.
My concern is if one of the device is stolen, the user session will remain active on that device because of the remember me cookie.
Is there a way for an admin user to log in and manually delete the user session that has the remember me?
I am working with the application using LDAP authentication in ZF2. I have given the logout option to exit from my application. If I click the log out button, then it is asking to enter the login credentials, It is fine.
Suppose, I closed the browser without clicking the log out button then open a browser again and access to my application url it does not ask login credentials which means that LDAP session still exists.
How can I clear the LDAP session on closing the browser and or accessing the application again, it should ask the Login credentials (username and password).
Please help me to solve this issue.
The method of authentication should not matter - whether you are using LDAP, MySQL tables or anything. You didn't mention if you are using a module (such as ZfcUser) for authentication, or vanilla ZF2, or how your sessions are configured.
From the information given, one of these should help you find your problem:
1) You are using a browser that is staying open "in the background", thus the session is staying open when you re-open the browser. To double check this, have a look at your process list / task manager for your OS and ensure the browser process has been exited completely.
2) You are storing the session using cookies (so that the session carries across a period of time, rather than a single browser session). Look into the use_cookies, cookie_lifetime and remember_me_seconds session configuration options in ZF2.
I'm building a quick application for some data-vis, I need to let users log in from my local machine and then log out, allowing the next user to log in. However, every time I log in and then out of the application, when I try to log in again the application remembers that I logged in as the previous profile and auto logs in the last user. Is there a way to keep this from happening?
I am using the PHP SDK and using $facebook->destroySession(); in my logout.