Why am I quickly logged out despite default 20 min...
# help-with-umbraco
t
I am hosting Umbraco 13 on Azure Web Apps. I have a working setup with a web app and underlying SQL database. However, despite using the default Umbraco.CMS.Global.TimeOut:
"TimeOut": "00:20:00"
I am always logged out within about a minute. I thought it might regard timezones somehow so I have made sure to run the server in the correct timezone but no luck still. Any idea what's going on? I'm trying logging in even in incognito mode to avoid any previous cookies etc.
s
Do you have a cookie plugin on the front end. I've had this before where without some exclusions it was blowing out back office users session cookies and logging them out. Drove everyone crazy.
t
Good idea, but it happened as well in incognito mode where I have no extensions at all. Either way, I solved it by upping the timeout to many hours instead 🙂
s
Not a cookie extension in the browser - but rather front end js that fires if you do / don't accept the cookie policy on the site
d
If I remember correctly, there was also a change that by default you can only have one active session per user. I don't know exactly how it works, but it could be related. 🤷
t
Interesting theory, I tried logging out everywhere but I'm still seeing the logout. It seems to auto-logout after exactly 40 seconds for some reason, crazy!
Despite having 8 hours of timeout. I can even see the hours set correct on the cookies set after logged in.
I'm hosting things on Azure, I wonder if I've maybe messed up some sort of temporary storage folder or something
Oh wait, I'm seeing "Keep alive failed" errors, might explain it?
I do see a
/umbraco/backoffice/umbracoapi/authentication/GetRemainingTimeoutSeconds
call returning:
Copy code
)]}',
0.0
right when it logs me out.
So my guess I end up here in the umbraco source:
Copy code
[HttpGet]
    [AllowAnonymous]
    public async Task<double> GetRemainingTimeoutSeconds()
    {
        // force authentication to occur since this is not an authorized endpoint
        AuthenticateResult result = await this.AuthenticateBackOfficeAsync();
        if (!result.Succeeded)
        {
            return 0;
        }
https://github.com/umbraco/Umbraco-CMS/blob/422218ea1599e961385eca4ec92a5cafb8fbe5f2/src/Umbraco.Web.BackOffice/Controllers/AuthenticationController.cs#L244
changing
Security__AllowConcurrentLogins
to
true
seems to fix it no idea why, I am only logging in at one place/one browser
39 Views