I have an app running and this seems to be fine unless a specific process happens in mobile. When leaving the app on the dashboard for some time and going back after the session time has laps. I log back in to the app then clicking on the link in my plugin that is using the banno-plugin-framework-bridge deeplink the page is asking for authentication even though the app already asked for login for the app. I am not saving anything in session just authenticating. The only way I have found to resolve is to leave the dashboard screen and come back and click the link.
This does not happen in desktop so this has been harder to solve. I tried adding logs but because it is redirecting to the login for authentication I am not able to render a reason for it to need to authenticate again. When I tried in desktop to see if there was a session that I can target I am not seeing anything come back with javascript call "document.cookie"
Related
Issue: appears to be that banno framework is "remembering" the urls. This is happening in a mobile browser when the user does not close the tab or browser. When the user opens the page, banno is remembering the url from last time and trying to load the same url.
What needs to happen is that banno needs to fully reload the page so that we can go retrieve a new url and log the user in again.
Could it be how they treat plugins when a browser is left open. A url that is loaded is not good forever.
Odds are good that the situation you're encountering is described in https://stackoverflow.com/a/71267143/6680761
Essential info from that link is:
Part of keeping state of the page is keeping authentication data. The OAuth flow used to initially authenticate the user is not intended to be used on every page refresh. It's expected that the embedded web application will keep its own authentication state. How this is done is usually very specific to the language and platform used for the embedded web application. However all strategies almost exclusively use a cookie which is destroyed when the application closes.
The Oauth callback URL with an authentication code should be redirected away from once the code is exchanged for an access token. From that point forward your app should be using its own authentication mechanism.
I'm trying to utilize the localStorage in a chrome browser to implement a login feature using Angular. I'm using this resource as reference: http://jasonwatmore.com/post/2016/08/16/angular-2-jwt-authentication-example-tutorial.
The problem is when I save a variable in localStorage using
localStorage.setItem('currentUser', JSON.stringify({ username: username, token: token }));
the app passes authentication and redirects to a welcome screen. However, in the chrome dev tools->application->Local Storage->http://localhost the variable appears and then disappears in about a second. I verify that it is no longer saved becuase trying to refresh redirects me back to the login page.
Why would the localStorage be clearing my data when nowhere in my code do I call localStorage.clear?
I even downloaded Jason Watmore's github project from the link above and when running that application I get the same problem.
To reproduce:
run app in chrome
login using the given credentials
view localstorage from chrome dev tools
refresh page and it will ask to login again
EDIT :
It appears to be working now and I have no idea why. What I did was restart my computer, and consequently the my servers as well and now the variable remains in localStorage as expected. If anyone could shed some light on what was going on under the hood I would be grateful.
We have a project built in react thats using service worker and manifest for Pwa functions. We use google and facebook to login to the app.
Problem: When running it in Chrome browser (not fullframe) and login to the with eg. google its no problem. When i save it to homescreen and use it in standalone mode (pwa) and hit the our login btn ,google login window opens and i pic an account to login whith. After that the pwa restarts with the splashscreen and im back to where im started Not logged in. Please help
As discussed in this documentation,
When you launch your web app from the home screen a number of things happen behind the scenes:
Chrome launches.
The renderer that displays the page starts up.
Your site loads from the network (or from cache if it has a service
worker).
If you haven't done so, you may want to check Introduction to Service Worker for more information.
With this, you may want to try let the user automatically sign back in to avoid this logging redirect problem.
Additional code reference, see this SO post.
What would be the easiest way for me to set up a Chrome extension that starts when I log in to my Windows account, and can be connected to a WebSocket server to check for, say, new messages, and then pop open a desktop notification, that clicks to the messages web page?
I expect that making an extension is straight forward, as well as getting it to communicate with WebSockets, and making the desktop notification.
But what about making it automatically start when I log in to the computer? What would be a good way to do this in Windows? I am not interested in having the chrome browser to open up at log in, but I certainly don't mind if I see Chrome in the task bar.
You might look into chrome.runtime.onStartUp: https://developer.chrome.com/apps/runtime#event-onStartup, which is
"Fired when a profile that has this extension installed first starts up."
Also, you can use chrome.alarms to schedule a function to run every minute or so, to open a WebSocket somewhere, etc.
The app may try to unload itself if there are no active windows, so you can call some action in chrome.runtime.onSuspend (like loading an XHR somewhere) to cause onSuspendCanceled to trigger.
I spent the day debugging my website, because I seem to be getting randomly logged out, but just on Chrome on Android.
After reviewing the server logs, I see requests from my Android tablets IP hitting my server for links that I never clicked on. After some experimentation I see every couple of links I click, Chrome will fetch another link at random in the page that was not clicked.
The issue is that there is an a link in the page with an href="logout" which will sign in, and Chrome calls this all on its own, disconnecting the session. I suppose if I changed the link to call a POST operation Google would not fetch it, but I can't see why Google would be fetching links that were not clicked.
This is very odd, and does not occur on Firefox, or Chrome on Windows.
Not sure if this is some sort of virus on the tablet, or some thing Google is doing to check the content of pages that it would not have access to without the session.
I have seen Google do this before, but only when there were Google ads in the page, then Google would fetch the links twice so that it could get the page content to choose the ad. This seems a huge privacy issue, as Chrome is fetching private data from the session.
So the issue is that Chrome is using a new feature "prefetching".
This is a "feature" that will have Chrome randomly fetch any linked URL from the page.
This seems like a very error prone "feature" for Chrome to enable by default. Seems like it could give the user cached or stale data, or change the server's state causing obscure difficult to debug issues. This will also use double the amount of the user's data (and server's CPU), which you would think would not be desirable to most users that pay for their data.
I confirmed this by disabling the feature in Chrome.
My solution was to switch the logout call to use a POST through a element.
See, https://www.technipages.com/google-chrome-prefetch