New session on every refresh
Created 5 years ago by simon_at_evolutednet

Hello. I've been having an intermittent problem recently using Pyro where I can't log into the CMS because the CSRF token check fails. After a bit of investigation, it looks like something triggers an odd state where new sessions are created for every refresh losing the link between user and token. The sessions are stored in the database and I can see a new session appear for every refresh so there's no problem writing the session on the server. This solves itself after a short time.

Has anyone seen anything like this? I'm guessing it's a Laravel issue but wanted to ask here first. Using Pyro 3.4.

william  —  5 years ago

Have you made sure your time zone and server date is correct?

ryanthompson  —  5 years ago

Are you using debug mode with the debug bar? We've recently discovered that the debugbar creates issues with sessions.

simon_at_evolutednet  —  5 years ago

Both the .env file and server are set to use UTC and the time looks right. I think I have seen the issue both with and without debug mode on but I'll keep an eye out and see if there's a correlation. Thanks.

simon_at_evolutednet  —  5 years ago

Just had this happen again and disabled debug mode. It didn't help. Any more suggestions?