Being logged out at random durations

arimareiji · Jul 27, 2024

If so, no worries: Is it normal to be asked to log back in every day or two, sometimes a week or two, at random intervals despite not having logged out or cleared cookies or whatnot? (Most recently within the last 15-ish minutes, it's not just at night or any suchlike.)

arimareiji · Aug 20, 2024

Akule said:
I have the same extensions for both browsers, so the only real difference is Chrome vs Firefox. I have everything set to keep me logged in, but for example, when I was working in another tab and then just came back to Mangadex just now, it treated me as not being logged in, but a simple refresh of the page made it realize that I was actually logged in.

Huh. I'll have to give that a try next time it happens.

BraveDude8 · Aug 20, 2024

Akule said:
it treated me as not being logged in, but a simple refresh of the page made it realize that I was actually logged in.

This sounds like your session token for auth.mangadex.org is still valid, but the association with mangadex.org is being broken by your browser somehow.

Roler · Aug 21, 2024

Akule said:
I have the same extensions for both browsers, so the only real difference is Chrome vs Firefox. I have everything set to keep me logged in, but for example, when I was working in another tab and then just came back to Mangadex just now, it treated me as not being logged in, but a simple refresh of the page made it realize that I was actually logged in.

I was getting a weird recaptcha error occasionally for about a week, so I assume it is something with that and generic Firefox. I simply don't have the problem in Chrome.

I use Firefox too but don't have any issues, except if I leave the mangadex tab open while the PC is asleep, because the access token doesn't refresh while the PC is asleep, but that is easily solved by just reloading the page which forces a refresh.

Note: in the browser console, if you have debug\verbose logging enabled, every 15 minutes you'll see "Session token expiring... attempting silent refresh", you can try and check if it's followed by an error or something if you know how.

arimareiji · Aug 22, 2024

Roler said:
I use Firefox too but don't have any issues, except if I leave the mangadex tab open while the PC is asleep, because the access token doesn't refresh while the PC is asleep, but that is easily solved by just reloading the page which forces a refresh.

Note: in the browser console, if you have debug\verbose logging enabled, every 15 minutes you'll see "Session token expiring... attempting silent refresh", you can try and check if it's followed by an error or something if you know how.

Any idea what the purpose of this is?

Roler · Aug 22, 2024

arimareiji said:
Any idea what the purpose of this is?

It's the authentication method MangaDex uses for security and possibly for performance reasons.

MangaDex uses OAuth 2 with short-lived access tokens (15 minutes) and long-lived refresh tokens (90 days). Access tokens are sent to every request to the API that needs auth, while refresh tokens are only sent to the Keycloak authentication server.

https://api.mangadex.org/docs/02-authentication (MangaDex's official web frontend uses a Public client, which are currently unavailable to register for the general public)

Akule · Aug 25, 2024

BraveDude8 said:
This sounds like your session token for auth.mangadex.org is still valid, but the association with mangadex.org is being broken by your browser somehow.

It's been even longer now since the last time the recaptcha error happened, so whatever was causing that seems to be fixed.

I think it's what Roler mentioned. I'll have to see what the error says when the silent refresh fails.

Roler said:
I use Firefox too but don't have any issues, except if I leave the mangadex tab open while the PC is asleep, because the access token doesn't refresh while the PC is asleep, but that is easily solved by just reloading the page which forces a refresh.

Note: in the browser console, if you have debug\verbose logging enabled, every 15 minutes you'll see "Session token expiring... attempting silent refresh", you can try and check if it's followed by an error or something if you know how.

Hm. I noticed the Session token expired message, and the silent refresh. It successfully refreshed when I went back to the tab.

The next time I get the logout, I will see what the console says.

arimareiji · Aug 25, 2024

Roler said:
It's the authentication method MangaDex uses for security and possibly for performance reasons.

MangaDex uses OAuth 2 with short-lived access tokens (15 minutes) and long-lived refresh tokens (90 days). Access tokens are sent to every request to the API that needs auth, while refresh tokens are only sent to the Keycloak authentication server.

https://api.mangadex.org/docs/02-authentication (MangaDex's official web frontend uses a Public client, which are currently unavailable to register for the general public)

Thank you, I just got the chance to test it and reloading did the trick.

Akule said:
It's been even longer now since the last time the recaptcha error happened, so whatever was causing that seems to be fixed.

I think it's what Roler mentioned. I'll have to see what the error says when the silent refresh fails.

Hm. I noticed the Session token expired message, and the silent refresh. It successfully refreshed when I went back to the tab.

The next time I get the logout, I will see what the console says.

Keeping my fingers crossed that reloading will work for you too upon getting the logout, if it hasn't already. (Not sure.)

Akule · Aug 28, 2024

Roler said:
I use Firefox too but don't have any issues, except if I leave the mangadex tab open while the PC is asleep, because the access token doesn't refresh while the PC is asleep, but that is easily solved by just reloading the page which forces a refresh.

Note: in the browser console, if you have debug\verbose logging enabled, every 15 minutes you'll see "Session token expiring... attempting silent refresh", you can try and check if it's followed by an error or something if you know how.

I finally got the error again. A refresh cleared it, but here is the error from the console:

This site appears to use a scroll-linked positioning effect. This may not work well with asynchronous panning; see https://firefox-source-docs.mozilla.org/performance/scroll-linked_effects.html for further details and to join the discussion on related tools and features!
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://auth.mangadex.org/realms/mangadex/protocol/openid-connect/token. (Reason: CORS request did not succeed). Status code: (null).

Roler · Aug 28, 2024

Akule said:
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://auth.mangadex.org/realms/mangadex/protocol/openid-connect/token. (Reason: CORS request did not succeed). Status code: (null).

MDN

The HTTP request which makes use of CORS failed because the HTTP connection failed at either the network or protocol level. The error is not directly related to CORS, but is a fundamental network error of some kind.

In many cases, it is caused by a browser plugin (e.g. an ad blocker or privacy protector) blocking the request.

Since you mentioned it happens only in Firefox, most likely a client-side block. Could be any extension (doesn't necessarily need to be an intentional block, could be an extension bug too) or messing with a browser setting (like "Enhanced Tracking Protection").

Being logged out at random durations

arimareiji

arimareiji

BraveDude8

Head Contributor Wrangler

Roler

arimareiji

Roler

Akule

arimareiji

Akule

Roler

Similar threads

Users who are viewing this thread