Ubuntu Developer Portal

Get logged out while editing

Bug #1413509 reported by Daniel Holbach on 2015-01-22

This bug affects 1 person

Affects

Status

Importance

Assigned to

Milestone

Ubuntu Developer Portal

Fix Released

High

Michael Hall

You need to log in to change this bug's status.

Affecting:	Ubuntu Developer Portal
Filed here by:	Daniel Holbach
When:	2015-01-22
Confirmed:	2015-01-22
Assigned:	2015-01-22
Started work:	2015-05-18
Completed:	2016-05-15

Target

Distribution
Package	(Find…)
Project	(Find…)

Status	Importance
	High

Assigned to

	Me
	Michael Hall (mhall119)

Comment on this change (optional)

Email me about changes to this bug report

(?)

Bug Description

I regularly get logged out when editing takes longer. First signs of this usually are "can't create plugin", when trying to add a link or picture. Sometimes I get the DjangoCMS login field.

When this happens, all changes are lost.

Tags: Edit Tag help

Related branches

lp:~mhall119/developer-ubuntu-com/cache-cooke-fix

Merged into lp:developer-ubuntu-com at revision 116

Nicholas Skaggs (community): Approve on 2015-05-18

Ubuntu App Developer site developers: Pending requested 2015-05-18

Daniel Holbach (dholbach) on 2015-01-22

Changed in developer-ubuntu-com:
importance:	Undecided → High
status:	New → Triaged

Daniel Holbach (dholbach) on 2015-01-22

Changed in developer-ubuntu-com:
assignee:	nobody → Michael Hall (mhall119)

Daniel Holbach (dholbach) wrote on 2015-01-22:

Not sure if it helps to debug, but when it happens, I sometimes get this issue too:

Forbidden (403)
CSRF verification failed. Request aborted.
More information is available with DEBUG=True.

Daniel Holbach (dholbach) wrote on 2015-04-15:

<dholbach> mhall119, do you know why developer.u.c sometimes logs me out while editing?
<mhall119> dholbach_: yes and no
dholbach_: I'm 99% sure it logs you out because of the middle ware we use to delete session cookies (this was needed to make the china cache efficient, as it stores a copy per cookie)
<mhall119> this should only happen for not-logged-in users though, and the middleware checks for the existance of a user associated with the request to make sure it doesn't delete their cookies
<dholbach_> do we need a bug report for this?
maybe we have one already?
<mhall119> now, I'm > 50% sure that some redirects within DjangoCMS are being triggered before the user is attached to the request object, and so the middleware deletes your session cookie when that happens
<mhall119> dholbach_: I don't think we do, but please file one and assign it to me

Michael Hall (mhall119) wrote on 2015-04-15:

Most likely due to the cache-friendly middleware we created to strip session cookies from non-logged-in user responses.

I need to check that this middleware is actually worth having, and if so I will need to make it more careful about when it delete the cookie.

Michael Hall (mhall119) on 2015-05-18

Changed in developer-ubuntu-com:
status:	Triaged → In Progress

Daniel Holbach (dholbach) on 2015-08-20

tags:

added: site-dev

Daniel Holbach (dholbach) wrote on 2016-04-19:

Is this already solved?

David Callé (davidc3) wrote on 2016-05-15:

I think so, yes

Changed in developer-ubuntu-com:
status:	In Progress → Fix Released

Report a bug

This report contains Public information Edit

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers